5G Networks Lack Adequate Cloud Security

Uploaded on 2021-11-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

5G systems provide accelerated communications, but they can be a target for cyber attacks if they are not properly secured. 5G, with its promised high-speed, low-latency performance, is finally here and with it a plethora of intriguing cloud computing developments loom.  

It seems almost impossible to overstate as 5G’s impact on the ability to create, store, use, and share data will be felt across most business sectors, especially those using the Internet of Things (IoT), AI, and machine learning.  

Already redefining business networks, 5G will also shift the role that cloud computing and networks play in storing, moving, and accessing data as innovation drives and creates more technological applications for digital business transformation. However the nature of 5G networks exacerbates the cyber security threat. Fifth-generation networking is inherently cloud-based and the recommended mitigations go far beyond the implementation of multifactor authentication to validate user identity. 

5G systems provide accelerated communications, but they can be a target to cyber attacks if they are not properly secured. 

Major US federal agencies have released the first in a series of reports detailing their expectations for providers of fifth-generation networking equipment and services. Addressing cloud providers and mobile operators, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) said: “5G networks should assign unique identities to all elements (and preferably to each interface) that will communicate to other elements in the 5G network”.

The report focuses on preventing and detecting lateral movement so that if one cloud resource is affected the entire network doesn’t become compromised.

Overcoming confusion around the shared responsibility model for cloud security has been part of the challenge. “Cloud providers and mobile network operators may share security responsibilities in a manner that requires the operators to take responsibility to secure their tenancy ‘in the cloud,’” the report says.  

Military Application Of Cloud Enabled 5G

The US Dept. of Defense and its component forces are focused on the need for increased connectivity in their military operations and the Pentagon has been planning a shift to fifth-generation communication technology. The technology that is being used to advance commercial industries has various applications in the military field.

A 5G-enabled “network of networks” established by Lockheed Martin integrates military and enterprise networks, and leverages existing telecommunication infrastructure technology. Lockheed aims is to enable seamless, resilient and secure connectivity and data flow across all battlefield assets in order to deliver prompt and decisive action on the battlefield.

5G networks are designed to be more secure than previous technology generations by providing link layer protection to prevent eavesdropping and tampering of data in transit. but no network technology provides end-to-end security. 

CISA and the NSA said that 5G service providers and system integrators must measures to block and detect lateral movement in the 5G cloud. To counter threats it is vital that 5G cloud infrastructures be built and configured securely, with capabilities in place to detect and respond to threats, providing a hardened environment for deploying secure network functions. 

GSMA Intelligence:    ITPro:    Nextgov:    I-HLS:   Brookings:    I-HLS:   Bleeping Computer:   IT Business Edge

You Might Also Read: 

Properly Securing Your Cloud System:

 

« Artificial Intelligence Could Be As Powerful As A Nuclear Weapon
Cyber Effects On The Legal Profession »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Integrity360

Integrity360

Integrity360 provide fully managed IT security services as well as security testing, integration, GRC and incident handling services.

Zentera Systems

Zentera Systems

Zentera's CoIP (Cloud over IP) solution offers enterprise-grade networking and security for the emerging cloud ecosystem.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

NGN International

NGN International

NGN International is a full-fledged systems integrator and managed security services provider established in 2015 in Bahrain.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

Secrutiny

Secrutiny

Scrutiny's core services include Cyber Maturity, Cyber Risk Analyser, Cyber Controls, Incident Response, SOC, Cyber Recovery and Assurance Testing.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

HYCU

HYCU

HYCU was born of the need to simplify data protection and provide equivalent levels of backup and recovery support across on premises, public cloud, and SaaS workloads.