5G Networks Lack Adequate Cloud Security

Uploaded on 2021-11-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

5G systems provide accelerated communications, but they can be a target for cyber attacks if they are not properly secured. 5G, with its promised high-speed, low-latency performance, is finally here and with it a plethora of intriguing cloud computing developments loom.  

It seems almost impossible to overstate as 5G’s impact on the ability to create, store, use, and share data will be felt across most business sectors, especially those using the Internet of Things (IoT), AI, and machine learning.  

Already redefining business networks, 5G will also shift the role that cloud computing and networks play in storing, moving, and accessing data as innovation drives and creates more technological applications for digital business transformation. However the nature of 5G networks exacerbates the cyber security threat. Fifth-generation networking is inherently cloud-based and the recommended mitigations go far beyond the implementation of multifactor authentication to validate user identity. 

5G systems provide accelerated communications, but they can be a target to cyber attacks if they are not properly secured. 

Major US federal agencies have released the first in a series of reports detailing their expectations for providers of fifth-generation networking equipment and services. Addressing cloud providers and mobile operators, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) said: “5G networks should assign unique identities to all elements (and preferably to each interface) that will communicate to other elements in the 5G network”.

The report focuses on preventing and detecting lateral movement so that if one cloud resource is affected the entire network doesn’t become compromised.

Overcoming confusion around the shared responsibility model for cloud security has been part of the challenge. “Cloud providers and mobile network operators may share security responsibilities in a manner that requires the operators to take responsibility to secure their tenancy ‘in the cloud,’” the report says.  

Military Application Of Cloud Enabled 5G

The US Dept. of Defense and its component forces are focused on the need for increased connectivity in their military operations and the Pentagon has been planning a shift to fifth-generation communication technology. The technology that is being used to advance commercial industries has various applications in the military field.

A 5G-enabled “network of networks” established by Lockheed Martin integrates military and enterprise networks, and leverages existing telecommunication infrastructure technology. Lockheed aims is to enable seamless, resilient and secure connectivity and data flow across all battlefield assets in order to deliver prompt and decisive action on the battlefield.

5G networks are designed to be more secure than previous technology generations by providing link layer protection to prevent eavesdropping and tampering of data in transit. but no network technology provides end-to-end security. 

CISA and the NSA said that 5G service providers and system integrators must measures to block and detect lateral movement in the 5G cloud. To counter threats it is vital that 5G cloud infrastructures be built and configured securely, with capabilities in place to detect and respond to threats, providing a hardened environment for deploying secure network functions. 

GSMA Intelligence:    ITPro:    Nextgov:    I-HLS:   Brookings:    I-HLS:   Bleeping Computer:   IT Business Edge

You Might Also Read: 

Properly Securing Your Cloud System:

 

« Artificial Intelligence Could Be As Powerful As A Nuclear Weapon
Cyber Effects On The Legal Profession »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

Lynxspring

Lynxspring

Lynxspring provides edge-to-enterprise solutions and IoT technology for intelligent buildings, energy management, equipment control and specialty machine-to-machine applications.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

Modulo Security

Modulo Security

Modulo provides automated Governance, Risk, and Compliance (GRC) solutions.

Cyber Security & Cloud Expo

Cyber Security & Cloud Expo

The Cyber Security & Cloud Expo is an international event series in London, Amsterdam and Silicon Valley.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

The Cyber AB

The Cyber AB

The Cyber AB is the official accreditation body of the Cybersecurity Maturity Model Certification (CMMC) Ecosystem.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

Borwell

Borwell

Borwell delivers software and IT solutions to the UK MoD and to UK Government departments, which are secure by design.

ImagineX Consulting

ImagineX Consulting

ImagineX Consulting is a cybersecurity-focused boutique technology consultancy whose mission is to help our clients #BeBetter by reducing their corporate risk.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.

Sinergi Digital

Sinergi Digital

Sinergi Digital is a business unit of the Metrodata Group with a focus on providing ICT solution to help accelerating digital transformation.

Ransomware Help

Ransomware Help

Ransomware Help is a trusted ransomware recovery company offering fast and effective ransomware recovery services to get your business back on track.