5G Networks Lack Adequate Cloud Security

Uploaded on 2021-11-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

5G systems provide accelerated communications, but they can be a target for cyber attacks if they are not properly secured. 5G, with its promised high-speed, low-latency performance, is finally here and with it a plethora of intriguing cloud computing developments loom.  

It seems almost impossible to overstate as 5G’s impact on the ability to create, store, use, and share data will be felt across most business sectors, especially those using the Internet of Things (IoT), AI, and machine learning.  

Already redefining business networks, 5G will also shift the role that cloud computing and networks play in storing, moving, and accessing data as innovation drives and creates more technological applications for digital business transformation. However the nature of 5G networks exacerbates the cyber security threat. Fifth-generation networking is inherently cloud-based and the recommended mitigations go far beyond the implementation of multifactor authentication to validate user identity. 

5G systems provide accelerated communications, but they can be a target to cyber attacks if they are not properly secured. 

Major US federal agencies have released the first in a series of reports detailing their expectations for providers of fifth-generation networking equipment and services. Addressing cloud providers and mobile operators, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) said: “5G networks should assign unique identities to all elements (and preferably to each interface) that will communicate to other elements in the 5G network”.

The report focuses on preventing and detecting lateral movement so that if one cloud resource is affected the entire network doesn’t become compromised.

Overcoming confusion around the shared responsibility model for cloud security has been part of the challenge. “Cloud providers and mobile network operators may share security responsibilities in a manner that requires the operators to take responsibility to secure their tenancy ‘in the cloud,’” the report says.  

Military Application Of Cloud Enabled 5G

The US Dept. of Defense and its component forces are focused on the need for increased connectivity in their military operations and the Pentagon has been planning a shift to fifth-generation communication technology. The technology that is being used to advance commercial industries has various applications in the military field.

A 5G-enabled “network of networks” established by Lockheed Martin integrates military and enterprise networks, and leverages existing telecommunication infrastructure technology. Lockheed aims is to enable seamless, resilient and secure connectivity and data flow across all battlefield assets in order to deliver prompt and decisive action on the battlefield.

5G networks are designed to be more secure than previous technology generations by providing link layer protection to prevent eavesdropping and tampering of data in transit. but no network technology provides end-to-end security. 

CISA and the NSA said that 5G service providers and system integrators must measures to block and detect lateral movement in the 5G cloud. To counter threats it is vital that 5G cloud infrastructures be built and configured securely, with capabilities in place to detect and respond to threats, providing a hardened environment for deploying secure network functions. 

GSMA Intelligence:    ITPro:    Nextgov:    I-HLS:   Brookings:    I-HLS:   Bleeping Computer:   IT Business Edge

You Might Also Read: 

Properly Securing Your Cloud System:

 

« Artificial Intelligence Could Be As Powerful As A Nuclear Weapon
Cyber Effects On The Legal Profession »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Consult Hyperion

Consult Hyperion

Consult Hyperion is an independent strategic and technical consultancy specialising in digital identity and secure electronic transactions.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

Quadrant Information Security

Quadrant Information Security

Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data.

Sift

Sift

The Sift Digital Trust Platform protects your business and customers from all vectors of fraud and abuse through our Live Machine Learning, global trust network and automation technologies.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija is the national accreditation body for Slovenia. The directory of members provides details of organisations offering certification services for ISO 27001.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

Cyber Security Courses

Cyber Security Courses

Cyber Security Courses was formed to help students in the UK find cyber security courses online.

Jacobs

Jacobs

Jacobs is at the forefront of the most important security issues today. We are inspired to be the best and deliver innovative, mission-focused outcomes that matter to our clients.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

NASK

NASK

NASK is a National Research Institute under the supervision of the Chancellery of the Prime Minister of Poland. Our key activities involve ensuring security online.

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.