Aug 29, 2022 10:54:00

5G networks are worryingly hackable

Mobile networks are moving from

monolithic systems from a single vendor to general-purpose hardware and cloud environments. However, it has been pointed out that the combined use of products and services from multiple vendors makes it easier for mistakes and misconfigurations to occur, increasing the number of clues for hacking.

5G Networks Are Worryingly Hackable - IEEE Spectrum
https://spectrum.ieee.org/5g-virtualization-increased-hackability

media.ccc.de - OpenRAN – 5G hacking just got a lot more interesting

https://media.ccc.de/v/mch2022-273-openran-5g-hacking-just-got-a-lot-more-interesting#t=9

At the hacker conference “ May Contain Hackers 2022 ” held in the Netherlands in July 2022, Karsten Noll, founder of the German security company Security Research Labs, said, “Most of the time, hackers infiltrate 5G networks. can take control of the network, steal customer data or disrupt business operations.”

Mobile networks have long relied on dedicated hardware from vendors such as Nokia, Ericsson, and Huawei, but in recent years, network 'virtualization' has been promoted.

'Virtualization' is duplicating key components in software so that they can run on commodity hardware or in the cloud. Virtualization offers many benefits, including faster and cheaper network deployment, rapid network upgrades, and dynamic reconfiguration as field conditions change.

In addition, the separation of hardware and software prevents vendor lock-in, allowing a mix of components from different network operators. This is also what open RAN advocates.

But Noll said virtualization is making 5G networks more complex, requiring automation to manage the network. He said that even with the advantage of being able to 'mix and use components from different companies,' mistakes and misconfigurations are more likely to occur.

In fact, Knoll and his team succeeded in infiltrating the 5G network based on APIs that revealed backdoors published online and old development sites that were accidentally left online. I'm here.

However, Mr. Knoll says, 'The really important question is how difficult it is to break through from the first foothold in the network to what is actually valuable.'

The team of Mr. Knoll et al. noticed that when diving into the network, the software package container was sometimes insufficient, making it easier to invade. Containers are supposed to be isolated from each other by nature, but the design of containers to be isolated from each other can interfere with the proper operation of software, and developers often remove protections. It seems that there is.

Knoll said this could be due to the telco's inexperience with cloud security. However, Xavier Costa Pérez, head of 5G network research and development at NEC Laboratories Europe, acknowledged that network virtualization poses inevitable risks, and that the telecoms industry sees this as a serious problem. It counters that it is partnering with cloud providers and borrowing their security expertise. According to Costa Perez, less than 10% of 5G networks are highly virtualized, and there are backup 4G networks that can be quickly switched over in case of problems.

``Security is often an afterthought rather than part of the development process,'' said Dmitry Kurbatov, co-founder of communications security company SecurityGen. However, there is a positive view that 'as a network owner, there is a chance to become more secure' by being able to solve problems on their own, which previously had to rely on vendors for security. is shown.