5G Networks Lack Adequate Cloud Security

Uploaded on 2021-11-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

5G systems provide accelerated communications, but they can be a target for cyber attacks if they are not properly secured. 5G, with its promised high-speed, low-latency performance, is finally here and with it a plethora of intriguing cloud computing developments loom.  

It seems almost impossible to overstate as 5G’s impact on the ability to create, store, use, and share data will be felt across most business sectors, especially those using the Internet of Things (IoT), AI, and machine learning.  

Already redefining business networks, 5G will also shift the role that cloud computing and networks play in storing, moving, and accessing data as innovation drives and creates more technological applications for digital business transformation. However the nature of 5G networks exacerbates the cyber security threat. Fifth-generation networking is inherently cloud-based and the recommended mitigations go far beyond the implementation of multifactor authentication to validate user identity. 

5G systems provide accelerated communications, but they can be a target to cyber attacks if they are not properly secured. 

Major US federal agencies have released the first in a series of reports detailing their expectations for providers of fifth-generation networking equipment and services. Addressing cloud providers and mobile operators, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) said: “5G networks should assign unique identities to all elements (and preferably to each interface) that will communicate to other elements in the 5G network”.

The report focuses on preventing and detecting lateral movement so that if one cloud resource is affected the entire network doesn’t become compromised.

Overcoming confusion around the shared responsibility model for cloud security has been part of the challenge. “Cloud providers and mobile network operators may share security responsibilities in a manner that requires the operators to take responsibility to secure their tenancy ‘in the cloud,’” the report says.  

Military Application Of Cloud Enabled 5G

The US Dept. of Defense and its component forces are focused on the need for increased connectivity in their military operations and the Pentagon has been planning a shift to fifth-generation communication technology. The technology that is being used to advance commercial industries has various applications in the military field.

A 5G-enabled “network of networks” established by Lockheed Martin integrates military and enterprise networks, and leverages existing telecommunication infrastructure technology. Lockheed aims is to enable seamless, resilient and secure connectivity and data flow across all battlefield assets in order to deliver prompt and decisive action on the battlefield.

5G networks are designed to be more secure than previous technology generations by providing link layer protection to prevent eavesdropping and tampering of data in transit. but no network technology provides end-to-end security. 

CISA and the NSA said that 5G service providers and system integrators must measures to block and detect lateral movement in the 5G cloud. To counter threats it is vital that 5G cloud infrastructures be built and configured securely, with capabilities in place to detect and respond to threats, providing a hardened environment for deploying secure network functions. 

GSMA Intelligence:    ITPro:    Nextgov:    I-HLS:   Brookings:    I-HLS:   Bleeping Computer:   IT Business Edge

You Might Also Read: 

Properly Securing Your Cloud System:

 

« Artificial Intelligence Could Be As Powerful As A Nuclear Weapon
Cyber Effects On The Legal Profession »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Vaddy

Vaddy

Vaddy provide an automatic web vulnerability scanner for DevOps that performs robust security checks to ensure that web app code is secure.

Masergy Communications

Masergy Communications

Masergy delivers hybrid networking, managed security and cloud communication solutions to enterprises around the globe.

PrimaTech

PrimaTech

PrimaTech provide process safety, cyber and process security, and risk management consulting, training and software for the process industries.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Zeusmark

Zeusmark

Zeusmark are a digital brand security company. We enable companies to successfully defend their brands, revenue and consumers online.

Sonrai Security

Sonrai Security

Sonrai Security delivers an enterprise security platform focused on identity and data protection inside AWS, Azure, and Google Cloud.

Auriga Consulting

Auriga Consulting

Auriga is a center of excellence in Cyber Security, Assurance and Monitoring Services, with a renowned track record of succeeding where others have failed.

Invicti Security

Invicti Security

Invicti Security is an AppSec leader transforming the way web applications are secured.

Oligo Security

Oligo Security

Oligo aims to streamline the usage of open source by making it secure and easy to protect. Through focusing developers on the relevant vulnerabilities we make the fixing process significantly shorter.

Segra

Segra

Segra owns and operates one of the nation’s largest fiber networks and provides best-in-class broadband and data security solutions throughout the Southeast and Mid-Atlantic.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

SpoofGuard

SpoofGuard

Spoofguard shields organizations from online scams, automating the entire process from domain monitoring to takedown enforcement.