Telecom Security in the Era of 5G and IoT

Dmitry Kurbatov, CTO at Positive Technologies, discusses what kinds of security risks are associated with 5G telecommunications networks and to what extent these risks could be managed. Topics include:
• How the 5G core network will work, and how it differs from the current telecom infrastructure.
• Benefits that the innovative 5G slicing technology can bring, and what its security risks will be.
• What new protocols, interfaces, and infrastructure-enhancing technologies like network functions virtualization will take off in the near future.
• Compatibility concerns with 4G, 3G, and 2G networks. What does this mean for 5G?

  1. Telecom Security in the Era of 5G and IoT. Dmitry Kurbatov, CTO, dmitry.kurbatov@positive-tech.com
  2. Who I am
     • Started as a network engineer in 2007
     • Switched to security in 2009
     • Joined Positive Technologies 2010 and it changed everything
     Publications timeline (years shown on the slide: 2014, 2016, 2017, 2018, 2019):
     • Signaling System 7 (SS7) security report
     • Vulnerabilities of mobile Internet (GPRS)
     • Primary security threats to SS7 cellular networks
     • Threats to packet core security of 4G network
     • Next-generation networks, next-level cybersecurity problems (Diameter vulnerabilities)
     • Diameter vulnerabilities exposure report
     • 5G security analytics
  3. What we do
     • Competences: Identification of threats and possible attack scenarios in companies of any business sphere
     • Global cybersecurity research
     • Wide range of products and services portfolio: corporate, ICS, telecom, financial, media, retail, government
     • National scale sports and government cybersecurity service provider
     • Worldwide leadership
     • Web, Banking, ERP, Telecom, ICS
  4. What we do
     • Competences: Identification of threats and possible attack scenarios in companies of any business sphere
     • Global cybersecurity research
     • Wide range of products and services portfolio: corporate, ICS, telecom, financial, media, retail, government
     • National scale sports and government cybersecurity service provider
     • Worldwide leadership
     • Web, Banking, ERP, Telecom, ICS
     • More IT technologies penetrate into other segments
  5. Positive Technologies in numbers
     • Every year: 200+ information security audits; 200+ 0-day vulnerabilities discovered
     • We discovered more than 50% of all vulnerabilities in ICS and Telco
     • Expertise: 150+ 0-day vulnerabilities discovered in ICS; 30+ 0-day vulnerabilities discovered in Telco
     • 400+ Web security researches
     • 30+ Public cybersecurity analytical reports
  6. Agenda (1/3 of presentation)
     • Few words about me and Positive Technologies
     • Inherited and new security issues in 5G
     • Security guidelines
  7. What to look at in terms of security
     • Transfer to new protocols
     • 5G non-standalone or how will it work right now
     • Virtualized everything
     • Lots and lots of new devices and services
  8. Where do I start … slicing
     • Splitting a network into isolated slices
     • Allocating separate (virtual) resources
     • Unique security policies to each slice
  9. Where do I start … slicing
     more slices = more virtual devices = more configurations
     BUT
     • 1/3 successful attacks during 4G network testing due to misconfiguration
     • 75% of corp harbored critical or high-severity vulnerabilities because of configuration flaws
     [Chart labels: Misconfiguration; Misconfiguration; Vulnerability in REST API; Vulnerability in network equipment]
  10. New core
      • Super flexible
      • Can serve all devices and new application
      • Based on SDN/NFV
      [Diagram: 5G core architecture]
      Network functions: NEF (Network Exposure Function), NRF (NF Repository Function), PCF (Policy Control Function), UDM (Unified Data Management), AF (Application Function), AUSF (Authentication Server Function), AMF (Core Access and Mobility Management Function), SMF (Session Management Function), UPF (User Plane Function)
      Service-based interfaces: Nnef, Nnrf, Npcf, Nudm, Naf, Nusf, Namf, Nsmf
      Other elements: UE, (R)AN, DN
      Reference points: N2, N4, N5, N3, N1
  11. New core, all virtual
      • Lots of VMs and containers
      • Communication over software bus
      BUT
      [Diagram: 5G core architecture, as on slide 10]
  12. New core, all virtual, web-based
      [Diagram: 5G core architecture, as on slide 10]
  13. New core, all virtual, web-based
      Example of communication between functions:
      • Service Registration: HTTP PUT (NF register), answered with 201 Created
      • Service Discovery: HTTP PUT (NFDiscovery), answered with 200 OK (List of SMSFs)
      • Session Establishment: Session Establishment Request; HTTP POST (Create PDU Session), answered with 201 Created
  14. Convergence of telecom and IT world
      • The 5G network core is TCP/IP-based
      • These protocols are open and well-known
      • Tools for finding and exploiting vulnerabilities are available to any adversary
  15. Problem is clear, but not solved
      Hacking 5G will be just as simple as hacking the web or enterprise
      [Charts: Difficulty of bypassing the perimeter (percentage of systems); Security level (percentage of web applications)]
  16. Backward compatibility
      Constant & continual introduction of additional network access
      [Timeline figure. Years: 1980, 1991, 1999, 2001, 2005, 2010, 2017, 2019. Generations: Analogue, 1G, 2G, 2.5G+, 3G, 3.5G, 4G, 4.5G, 5G. Protocols: SS7, GTP, SIP, Diameter, APIs]
  17. Now what can a hacker do?
      • Easily
      • From anywhere
      • Any mobile operator
      • No special skills needed
      • Steal your money
      • Get access to your email and social media
      • Track your location
      • Intercept your data, calls, and SMS messages
      • Take control of your digital identity
      • Perform massive denial-of-service attacks
      From GSM to 5G: different protocols, SAME THREATS
  18. Protocol threat comparisons
      Comparing 4G networks using Diameter against earlier network generations
      Successful attacks by threat types: percentage of vulnerable networks (2017)
      • Subscriber information disclosure: SS7 networks 100%, Diameter networks 100%
      • Network information disclosure: SS7 networks 63%, Diameter networks 75%
      • Subscriber traffic interception: SS7 networks 89%, Diameter networks —*
      • Fraud: SS7 networks 78%, Diameter networks 33%
      • Subscriber denial of service: SS7 networks 100%, Diameter networks 100%
      * In the tested networks, SMS transmission using the Diameter network was not carried out. To establish voice calls in 4G networks, the SIP protocol is used.
      Possible different reasons for previous generations outperforming Diameter in certain areas:
      • SS7 threat awareness is higher
      • Diameter specific challenges
      Positive Technologies have further research being published very soon looking at Diameter.
  19. Inherited issue
      5G non-standalone is vulnerable to denial of service
      [Figure: confidentiality, integrity and availability ranked under "Usual security priorities" and "IoT security priorities"]
  20. Briefly about IoT
      GARTNER: "By 2020, over 25% of identified attacks in enterprises will involve IoT."
      [Chart. Values in slide order: 32%, 37%, 24%, 8%. Categories in slide order: Already use IoT; Preparing to implement IoT; Will wait and see; Will wait as long as possible]
  21. Guess how easy is it?
      Millions of connected IoT devices mean millions of potential botnet soldiers
      • 2016: Mirai, 500K devices in botnet
      • 2019: 1M potentially vulnerable
      [Screenshot: total results 1,086,395; top countries]
  22. Almost finished (2/3 of presentation)
      • Few words about me and Positive Technologies
      • Inherited and new security issues in 5G
      • Security guidelines
  23. Where to start
      • Ensure protection where interoperability required from day one
      • Secure new interfaces and communications channels
      • Safeguard SDN/NFV and virtual environment
      • Implement policies separately for network slices
      • Take IoT in your network under control where possible
  24. Summary
      • Trustworthy solutions, constant verification
      • Security by design is good, but implementation is always different
      • Security awareness is the key
      • Security should be comprehensive
  25. Thanks for attention
      Dmitry.Kurbatov@positive-tech.com
      Contact@positive-tech.com
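
The registration and discovery steps from slide 13, combined with the per-slice policy recommended on slide 23, as an added example that is not part of the original deck: a toy NRF in Python that binds the registered NF type to the caller's authenticated identity and keeps discovery inside a slice. The class names, profile fields, instance names and the 401/403 responses are assumptions of this example, not 3GPP-defined behaviour.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NFProfile:                  # simplified profile; field names are illustrative
    nf_id: str
    nf_type: str                  # "AMF", "SMF", "AF", ...
    slices: frozenset             # slices this instance serves
    allowed_nf_types: frozenset   # NF types permitted to discover it

class NRF:
    def __init__(self, identities):
        # identities: nf_id -> NF type of the authenticated caller (assumed: from its TLS client cert)
        self.identities, self.registry = identities, {}

    def register(self, caller_id, profile):
        """Service Registration (HTTP PUT): 201 if accepted, else 403."""
        # reject someone else's profile or an NF type the identity is not bound to
        if caller_id != profile.nf_id or self.identities.get(caller_id) != profile.nf_type:
            return 403
        self.registry[profile.nf_id] = profile
        return 201

    def discover(self, caller_id, target_type, slice_id):
        """Service Discovery: (status, ids of matching instances)."""
        caller = self.registry.get(caller_id)
        if caller is None:
            return 401, []        # caller never registered
        if slice_id not in caller.slices:
            return 403, []        # query reaches outside the caller's slices
        return 200, sorted(
            p.nf_id for p in self.registry.values()
            if p.nf_type == target_type and slice_id in p.slices
            and caller.nf_type in p.allowed_nf_types)

def demo():
    """Constructed deployment: two slices and one NF that lies about its type."""
    fs = frozenset
    nrf = NRF({"amf-1": "AMF", "smf-iot": "SMF", "smf-embb": "SMF", "af-9": "AF"})
    profiles = [NFProfile("amf-1", "AMF", fs({"iot", "embb"}), fs({"SMF"})),
                NFProfile("smf-iot", "SMF", fs({"iot"}), fs({"AMF"})),
                NFProfile("smf-embb", "SMF", fs({"embb"}), fs({"AMF"})),
                NFProfile("af-9", "SMF", fs({"iot"}), fs({"AMF"})),   # AF posing as SMF
                NFProfile("af-9", "AF", fs({"iot"}), fs({"NEF"}))]
    return {"register": [nrf.register(p.nf_id, p) for p in profiles],
            "amf_finds": nrf.discover("amf-1", "SMF", "iot"),
            "af_finds": nrf.discover("af-9", "SMF", "iot"),
            "cross_slice": nrf.discover("smf-iot", "SMF", "embb")}

if __name__ == "__main__":
    print(demo())
```

Dropping either condition in `register` lets the AF in the sample data list itself as an SMF and be returned to the AMF on discovery.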
