A major security flaw in the 5G network architecture has been identified. The network slicing flaw impacts virtualized network functions and may allow theft of data and denial of service attacks. A significant vulnerability between different network slices on an operator 5G may leave enterprise customers exposed to malicious cyberattacks. 5G Network Slicing has a potential vulnerability to Cyberattacks.
Adaptive Mobile Security was the first entity to discover the flaw and shared its findings with the GSM Association (GSMA) on February 4, 2021. The GSMA designated the 5G network weaknesses collectively as CVD-2021-0047.
5G is a step up from the current 4G broadband network technology. 5G is a service-based architecture (SBA) that functions by providing a modular framework that deploys a set of related network functions. 5G allows consumers to discover and authorize their access to a plethora of services. Network functions are responsible for managing sessions, registering subscribers, storing subscriber data, managing subscriber profiles, and connecting the users to the internet via a base station. Each network function of the SBA can offer a specific service and at the same time request a service from another network function.
The 5G SBA is a new network concept that opens the network up to new partners and services, presenting unique security challenges. The slicing model is one of the significant ways the core SBA of the 5G network is composed. Each slice within the core network carries a logical group of network functions exclusively assigned to that specific slice or be shared among different slices. The creation of separate slices that prioritize unique characteristics such as large bandwidths enables a network operator to offer customized solutions to particular industries.
The identified network issue is most likely to cause significant security risks to enterprises dependent on network slicing and further undermine operator attempts to open new 5G revenues. The risk of attack is still shallow due to the small number of mobile operators with multiple live network slices on their networks. There are ongoing efforts between mobile security providers, GSMA, network operators, and regulatory bodies to address the 5G network slicing issue and undertake architecture updates to prevent exploitation.
5G network slicing permits mobile operators to subdivide their core and radio network into multiple distinct virtual blocks meant to provide varying amounts of resources and prioritization of different types of traffic. For example, a mobile broadband network slice can offer entertainment and internet-related services, and the Internet of Things (IoT) slice offers specific retail and manufacturing sector services. In contrast, standalone low latency slices can be used for mission-critical tasks such as healthcare.
Network slicing is a distinctive characteristic of 5G. It allows network operators to provide sections of their core network for specific vertical use cases such as automotive, critical infrastructure, entertainment, and healthcare. The effect is that the web is opened up to numerous partners after slicing into vertical-specific blocks and use cases. An examination of 5G core networks carrying both shared and dedicated network functions by Adaptive Mobile Security indicates that networks that support hybrid network functions with several slices experience a lack of mapping between the transport and application layer identities. The major flaw in industry standards may have widespread repercussions by creating opportunities for attackers to perpetrate data breaches and launch denial of service attacks across multiple slices after gaining access to the 5G service-based architecture. The situation is grave and may encourage hackers to exploit the network design flaw in slicing standards and gain access to the operator’s core network and the network slices allocated to other enterprises.
Effectively, network operators and their customers will be exposed and risk losing sensitive location data. Stolen location data can be used to track user location, loss of charging-related information, and cause potential interruption to the operation of slices and network functions. The mobile industry is deploying 5G network technology intending to increase efficiency and enhance functionality. The eventual move to 5G is inevitable as it carries numerous benefits. However, there needs to be a mindset change and embracing holistic and collaborative measures to address network security challenges. It calls for concerted efforts from working groups, standard bodies, network operators, and vendors.
Further research is required to identify if the current defined 5G standards’ mechanisms are sufficient in stopping attackers. The process revealed that the following main attack scenarios could not be prevented as it stands with the network slicing flaw, like a) User data extraction, b) Access to network function and information belonging to vertical customers; and c) Denial of service.
5G Network Slicing has a potential vulnerability to Cyberattacks which impacts virtualized network functions, may allow theft of data.
The core networks move to IT-based architecture and the cloud, and more hacking tools become available to malicious actors. The impact of the network slicing vulnerability on real-world applications is limited to the number of slices within 5G networks. The associated risks would have been significant had the fundamental flaw in 5G standards remained undiscovered. AdaptiveMobile Security recommends countermeasures that include partitioning the network into several security zones and applying signaling security filters between different slices, the core network, and external partners, and the shared and not-shared network functions.
There’s a need to include signaling layer protection solutions to protect against data leakage attacks that leverage the missing correlation between application and transport layers. Having alerted the industry to the gravity of the 5G network flaw, it is essential to promote best practices in the future, tagging along with all stakeholders.
Author: Alessandro Civati
Blockchain ID: https://lrx.is/KQuGPEe86m