5G is here, and these threats are lurking...

5G is coming, and it will be possible to experience mobile networks with peak transmission rates exceeding 1Gbps-10Gbps and latency as low as 10ms or even 1ms. However, behind the excitement, hidden security threats will also come along, making it difficult to guard against.

[[250769]]

Protocol vulnerabilities are the most terrifying

Like 3G and 4G networks, the existing 5G also uses a protocol called "Authentication and Key Agreement (AKA)" for identity authentication, which is a security specification that allows users and networks to trust each other. However, security researchers have pointed out that this protocol will expose at least two major vulnerabilities after being applied to 5G.

The first vulnerability is that attackers can use the AKA protocol to locate nearby mobile phones and track them. The second vulnerability is that the vulnerable version of AKA may cause some users to be maliciously charged when using 5G networks. Fortunately, since 5G is still in its infancy, it seems that it is not too late to discover and update the 5G protocol standard early.

In fact, any communication protocol, including LTE, no matter how powerful its security system is or how complex its encryption algorithm is, can be vulnerable to instant collapse as long as there is a marginal threat or unsafe function. To put it in an analogy, a vulnerability at the protocol level is like a potential safety hazard when laying the foundation for a building, which is serious and far-reaching.

5G attack surface will increase dramatically

A recent IoT analysis report predicts that by 2025, the number of IoT devices will increase from the current 7 billion to 21.5 billion. The explosive growth of IoT devices will cause the attack surface to expand to an unimaginable level in the 5G era. Moreover, compared with 3G and 4G, 5G, as a new generation of mobile network, requires the construction of more dense base stations in some scenarios in order to obtain high data rates, high-quality service quality and extremely low latency.

All of the above have made mission-critical applications more accessible, and factories, enterprises, and public critical infrastructure more dependent on 5G data connections, which invisibly exposes more attack surfaces of mobile networks. The exponential growth of distributed denial of service (DDoS) attacks, ransomware encryption hijacking, and other security threats that have continued to rage in recent years has confirmed from another perspective that the 5G attack surface will only increase. It is conceivable that when some factories gradually begin to use IoT sensors and connect to 5G mobile networks, will it still be difficult to recruit zombie armies for DDoS attacks?

Side channel attacks should not be underestimated

In addition, in order to cope with 5G applications in various scenarios in the future, 5G will adopt network slicing technology, and typical slices include large-scale Internet of Things, mission-critical Internet of Things and enhanced mobile broadband. However, 5G slicing may not only be the above three typical slices, but also launch different network slices customized for specific services, and even virtual operators define slices themselves. However, different slices have different requirements for network reliability and security, and because multiple slices coexist on the same physical network, they are more vulnerable to side-channel attacks.

Note: Network slicing refers to sharing network physical resources to carve out multiple logically independent virtual networks for different application scenarios, which are managed and controlled by the system hypervisor.

So what is a side-channel attack? In layman's terms, it is a way of attacking by taking a shortcut instead of taking the main road. The official definition from cryptography refers to those ways of cracking passwords that can bypass the tedious analysis of encryption algorithms, use the information leaked in the hardware implementation of encryption algorithms, such as execution time, power consumption, electromagnetic radiation, etc., and combine with statistical theory. This is like a "timing attack", where attackers can deduce keys by analyzing the time execution of encryption algorithms. With the help of a side-channel attack, attackers can also understand the code running rules in the virtual machine in 5G "slice 1", and calmly infer the code running rules in "slice 2", and then launch an attack on "slice 2". For this situation, 5G slices need to deploy a careful isolation mechanism, especially the isolation between virtual machines.

Conclusion

The development of 5G is unstoppable. However, with the failure of traditional security protocols, the continuous expansion of the attack surface, and the difficult-to-prevent side-channel attacks, all of these have laid hidden dangers on the road to 5G deployment. These hidden dangers are like "time bombs" on 5G, which may explode and cause harm at any time. So before the commercial use of 5G, can we find loopholes in advance and start "demolition"? This "5G test" is not easy.