Telecoms.com periodically invites third parties to share their views on the industry’s most pressing issues. In this piece Steve Buck Product Director at Evolved Intelligence urges the telecoms industry not to forget about security in its rush to 5G.
Technologists and developers, across all walks of life, share one common character trait. They are constantly looking forward – they want to take the next step, make the next big breakthrough, deliver on the promises of the future.
Little wonder then, that in the world of mobile, so much attention is focused on 5G. It is the next big thing and the race is on to deliver some elements of 5G networks early next year. By way of contrast, in Africa, 2G connections still account for the largest share of the market. Indeed, according to the GSMA, 3G connections will not overtake 2G in Africa until 2020, and by then 4G will have crawled its way up to just a 12 per cent market share from its current base of just two per cent of connections. Just park those figures for a moment.
Of course, there’s nothing wrong with the pace of technological change varying according to the laws of economics and the difficulties of landscape. What’s more, it’s right that the R&D technologists focus on what’s next, and – in particular – on what is new about what’s coming next.
In 5G, a lot of that focus is on network slicing. Among all the promises, potential and change surrounding 5G networks, it is the network slicing feature that stands out from the crowd. The capability to support different levels, speeds and types of services and applications across the entire core network and the individual cell sites by carving up the capacity into network service slices is one feature that truly sets 5G apart. Exposing this to new applications offers growth potential for operators and new services to benefit consumers.
However, history shows us that in the race to launch digital mobile networks, technologists have, in the past, been guilty of paying more attention to getting the new services to work than they have to network security, and then this is difficult to retrofit.
One example of that approach is the SS7 signalling network, which is crucial to roaming and the seamless mobility of handsets, but was not designed with security from interference in mind. The consequence, many years later, is that the SS7 signalling layer has effectively become an unlocked door which hackers and fraudsters can use to access the mobile network and do things like eavesdrop on calls, divert text messages or track location.
Of course, those early digital networks were seen primarily as voice networks and the total dominance of data across networks was not predicted. Today however, the technologists working on 5G know they are building a data network, and they also know that the security of that data, in a world where there is such a thing as “cyber-warfare”, is paramount.
It is not surprising therefore, that there is plenty of attention in 5G development on the new features of the network and also on the security of those features. In particular, there is a real focus on protecting the integrity of the data, of the network and of the network slices. For example, the technologists must overcome the challenge of data leakage across the network slices, as any leakage could be a way to access confidential services from less protected ones. Imagine the potential impact on a connected car slice of the network, or IoT connections controlling national infrastructure. This level of attention to detail on 5G network security is absolutely vital.
Nevertheless, there is a “but” in this process that is too easily overlooked. While the shiny new elements attract all the development focus, that unlocked door still exists on the vast majority of mobile networks. While some of the earliest 5G networks might be islands of technology, later ones will not. Handsets and other devices certainly will not; they will co-exist and interconnect with legacy networks.
Mass-produced 5G handsets will be built to support ‘all the Gs’ for at least the next ten years, maybe longer. Think back to those numbers in Africa and you will see just how far a very large number of users still have to travel on the road to 5G. And if a fraudster or a hacker gains access to the network through, say, an unlocked 3G door, it will not matter what handset or what level of G you are using, your phone could be hacked, tracked, or hijacked.
The plain fact is that until every network, in every country, in every part of the world, has full protection and puts a lock on its open signalling door, every new network is just as vulnerable as every old network. That is the reality.
The SS7 signalling firewall we have active on one Tier 1 Operator group network, as well as a number of other individual networks, currently stops many tens of thousands of fraudulent SS7 messages every day. We think that represents a very big tip of an exceedingly big iceberg. It’s an iceberg that, earlier this year, hit the customers of Telefonica in Germany with an attack that saw their bank’s two-factor authentication SMS messages intercepted and used by criminals to empty consumer bank accounts.
The GSMA has asked the 3GPP group writing the 5G standards to improve the security on signalling in 5G to stop hackers inserting or modifying signalling messages. The current signalling protocols for 5G have been defined to use http on TCP with information as JSON objects. APIs will be REStful. This is beneficial in allowing enterprises to easily use the signalling layer to create new applications, but it becomes essential that access control, authentication, integrity, encryption and permissions are part of the system to block hackers and fraudsters. We can’t have another open door.
So while I applaud the work being done to safeguard data on 5G networks, I believe we need to put even more focus on safeguarding the data on our existing networks. We need to address the challenge of retro-fitting new 5G security to existing 4G networks, and to roll-out more signalling firewalls that can safeguard 2G and 3G networks now. Above all, we need to ensure that everything we deploy and we develop can work together to protect our networks, our data, and our consumers both now and in the future.
Steve has some 30 years’ experience in mobile telecoms in engineering and marketing roles working both for vendors and mobile operators. As Product Director at Evolved Intelligence – a company providing SS7 signalling fraud, security and roaming solutions to mobile operators and their signalling partners – Steve leads the company’s product strategy and the development of its solutions.