SlideShare a Scribd company logo

Address 5G Vulnerabilities with SecurityGen's Expert Solution

Security Gen
Security Gen

Don't let 5G vulnerabilities compromise your network security. SecurityGen offers advanced solutions to mitigate and address 5G vulnerabilities, ensuring the integrity and reliability of your network infrastructure.

Technology
1 of 13
Download to read offline
Decoding the ecosystem and its vulnerabilities www.secgen.com Edition 1, Sep 2022 5G
02 This paper covers the following points 1.1 Security still an after-thought Best practices and guidance: are these enough, clear and practical? Business Challenges 1 Technical Challenges 2 False assumptions - The security paradox 1.2 1.3 Conclusion 3 2.1 New and old threats brought to 5G by reused technologies and backward compatibility Threats and security deficiencies original to 5G that were not observed before 2.2
03 The adoption of 5G is set to transform global connectivity and spark large-scale disruption in telecommunications and IoT (Internet of Things). Projected to add USD 1.3 TN to the worldwide GDP by 2030, 5G networks are making it possible for billions of different devices to connect and interact with each other at speeds that are 10x faster and with lower latency. However, with all the excitement around the many benefits that 5G offers, it is easy to forget that this ground-breaking technology requires the simultaneous management of multiple networks — 3G, 4G, and 5G, and new technologies, each with their own complexities and vulnerabilities. As we pursue a more digitally connected future, anticipating the demands of 5G security while mitigating and managing existing threats will become critical to providing network security and ensuring customer trust. Therefore, understanding 5G security implications is crucial to our ability to secure the ecosystem of devices and applications that sprout from that network. Also, we need to know how network operators and organizations can manage these challenges and build a 5G network based on trust and security. Over the past half year, we have worked closely with our clients as they prepared and rolled out 5G networks. And during these engagements, we identified a list of issues and possible threat vectors which could tamper with network security. In this edition, we will discuss these security challenges under two heads – business and technical issues.
There is a general assumption among organizations that 5G networks are cyber-resilient by default. And nothing else needs to be done once deployed as 3GPP assigned vendors, and all the expert geeks have already taken care of everything – embedding cybersecurity into the architecture of the new networks. Well, it is only partially true. There are dramatic changes, improvements and new security features in 5G compared to previous generations. But on the other hand, the type of system complexity, the amount of technologies utilized inside (yes, 5G is not monolithic), and the way we will rely on this communication system raises potential security requirements sky high for 5G. Are all the networks able to meet these security requirements? Nobody is sure about that. So, it’s not the right time for companies to feel fluffy and relaxed that somebody takes care of security – it should be each one’s responsibility. This is not the time to relax and think that nothing needs to be done. 04 False assumptions - The security paradox 1.1 BUSINESS CHALLENGES
05 Best practices and guidance: are these enough, clear and practical ? 1.2 Previous generations of telecom networks provided practically no particular security requirements in the form of standards. Security measures were often described in a short section of protocol specifications or even just in the text of the call-flow descriptions. However, the 5G network deployment has not only made service and standardization necessary, but there is an additional need to consider the integration of virtualization elements, edge computing, front-haul, and back-haul network configurations. Thus, there is an extensive list of available 3GPP and GSMA 5G security specifications, but a lack of mass deployment of 5G SA networks and a severe shortage of skill and expertise creates a hindrance. This situation limits these specifications to an architectural or conceptual nature against real-life network threats and protection. The GSMA also released a list of specifications: FS.31 Baseline Security Controls FS.34 Key Management for 4G and 5G inter-PLMN Security FS.35 Security Algorithm Implementation Roadmap FS.36 5G Interconnect Security FS.39 5G Fraud Risks Guide FS.40 5G Security Guide
1.3 Security still an after-thought 06 As the world pursues a more digitally connected future, we must focus more on cybersecurity. The greatly expanded and multi-dimensional nature of 5G networks makes them vulnerable to multiple threats (just read ENISA 5G thread scape, it is a horror story!). And when security is not included in the fabric of business development, it tends to become a patching-up and chasing exercise that is expensive and leads to much more damage and losses not just for customers but overall brand reputation and trust. It is, therefore, critical for network operators and organizations to understand and establish risk-informed cybersecurity investments upfront. Network security must not be treated as an afterthought - the cost associated with missing a proactive 5G cybersecurity opportunity will be significantly larger than the cost of implementing cyber diligence upfront. 2.1 Threats and security deficiencies original to 5G that were not observed before Not only are the 5G networks new for network owners and users, but a few security threats are also unique to the 5G ecosystem. Let’s look at these security issues and challenges. TECHNICAL CHALLENGES
07 Managing TLS keys and certificates are not trivial while deploying many network elements. SBA protocols and vulnerabilities 5G networks are based on a Service Based Architecture (SBA) that allows interconnected Network Functions (NFs) to communicate with each other. This new set-up implies transitioning from the classical point-to-point messaging for the telecommunications world to the standard bus paradigm (service-based interfaces (SBIs). Traffic encryption (TLS) and the use of the protocol for authorization of network functions (OAuth2.0) are the leading measures to ensure the confidentiality, integrity, and availability of the 5G control plane. Although the support of these mechanisms is mandatory for telecom equipment vendors, mobile operators are in no hurry to implement authentication and authorization of network elements when deploying 5G networks. These results in associated challenges: During the implementation of monitoring tools (e.g. IDS) on SBI, the function of exchanging keys through closed channels for decrypting signal traffic needs proper management. Vulnerabilities within OAuth2.0 can potentially lead to DDoS attacks on the authorization service - NRF, which entails a complete denial of service of the entire operator's network.
08 HTTP/2 and exposure of APIs In 5G networks, the interaction of all network elements takes place via the HTTP/2 protocol. While this helps simplify the implementation process and speeds up the overall development function. The description of services via open API attracts new players to develop the network elements and solutions. This competitive landscape created by multiple players does help reduce costs. But on the other hand, it also results in defective products due to new vendors' lack of telecom domain knowledge. More and more operators are moving to cloud-based deployments. This cloud-based setup helps reduce the standalone network implementation costs and enables operability and scalability. But some critical points need attention in this setup - UDR, where sensitive subscriber information (Ki, subscriber profile data) is stored, should be in a separate network security group from other network functions. This measure will help protect sensitive data from unauthorized access in the event of an outside attack on the network. The broad applicability of HTTP/2 in the world allows telecommunication equipment vendors to use it in developing a wide range of technologies supported everywhere by the world community. While this reduces the risk of incorrect operation in the final product and simplifies the process of introducing new features. It also opens pathways for potential attackers to develop tools for exploiting vulnerabilities. The ability to connect third-party services to the fifth-generation network makes it more flexible and allows operators to introduce all kinds of services into their networks. Connecting these services directly to the operator's network also entails some security risks. A compromised network of even one of the partners can become a potential new attack vector for operator’s network.
SIM management and STK vulnerabilities The most common attacks allow an attacker to steal information about the subscriber's location, their device identifier (IMEI) and cell tower (Cell ID), as well as force the phone to dial a number, send SMS, open a link in a browser, and even disable the SIM card. For more complex attacks, hackers can install their own SIM applets and change the settings of a compromised SIM card, thus taking a wait-and-see position in order to be ready to carry out a more complex attack at any given time. Many SIM cards store the current session key (Kc) in the SIM's shared memory, allowing STK applets to obtain such information in real-time and pass it on to an attacker. In the future, this information may let an attacker take control of the victim's connection. 2.2 New and old threats brought to 5G by reused technologies and backward compatibility 5G networks focus on real-time data processing and act as a transport layer for different services using other technologies. Thus, the application layer is a legacy of other technologies. Additionally, the vulnerabilities of these technologies are not included in the 5G security aspect but are reused in 5G networks, which poses a challenge to network owners. One such shared aspect is the SIM cards and the associated vulnerabilities. 09
10 gNodeB Attacker SIM-OTA SMS 5G Devices Factory Smart City Text Displayed Or No Effect Attack Successful Yes Fraud Wiretap Supply Chain Intellectual Property Theft TDOS/DDOS Persistence Attacks on AI/ML SIM-OTA SMS IOT No Robot Phone Car gNodeB Attacker SIM-OTA SMS 5G Devices Factory Smart City IOT Robot Car Fleet Control Shipping Camera Laptop Phone Infected Infected Infected Infected Infected Infected Drone Infected
5G networks do not have built-in security controls for SIM cards, enabling attackers to gradually establish their own rules inside the 5G domain, using captured SIM cards to steal funds, create authorised approvals, install malware, and conduct other illegal activities. In the context of 5G networks, this vulnerability of SIM cards has become a serious problem, especially considering the increasing number of connected devices. Although the SIM alliance has developed new 5G SIM standards for increased security, some network operators continue to use "old" SIM cards in fifth-generation networks, which is a cause of concern while ensuring security. 11 IMS EPC NGC LTE 5G-NR WIfi PSTN Cell Phone VoIP or SIP Software Threats of IMS and VoNR Another example of inherited vulnerability related to all Voice service – the origin of telephony.
5G networks will use Voice over New Radio (VoNR) – as part of their new architecture to offer significantly better sound quality and lower latency. VoLTE, VoWiFI and Vo5G are just technologies which describe the technical aspect of the connection between UE (user equipment) and IMS core. All IMS threats will also be present in any of these technologies. Below are common IMS threats. Disclosure of the network data Information about functional roles, vendors and models, software versions, and IP addresses. Also, it is possible to obtain information about the DNS names of some network nodes. With this data, an intruder can attack network elements and subscribers via network scans and eavesdropping on signalling traffic. Disclosure of subscriber data It was possible to obtain subscriber information such as IMEI (phone model or OS model), subscriber location, mobile device network status, subscriber account status, and list of enabled services via IMS procedures. With this information, any subscriber in the customer's network can get information of another subscriber via short call (without the answer). Denial of Service (DoS) Caused by attacks on individual subscribers or network elements. The consequences can range from reputational damage, subscriber churn and a negative impact on profitability. Fraud Can be committed by bypassing online charging systems, making calls and sending SMS at the expense of another subscriber, illegally activating services or disabling limitations set by the operator. These attacks initiated via call & IP address spoofing, call interception, supplementary services manipulation, and unauthorized use of operator resources might bring reputational and financial losses caused by unpaid calls and potential legal actions. 12
SecurityGen is a global company focused on telecom security. We deliver a solid security foundation to drive secure telecom digital transformations and ensure safe and robust network operations. About SecurityGen UK | Italy | Czech Republic | Brazil | Mexico India | South Korea | Japan | Malaysia | UAE Email: contact@secgen.com Website: www.secgen.com Connect With Us CONCLUSION Firstly, the above examples do not cover the entire industry spectrum. Nor is it a summary of common trends. They are a quick compilation of challenges you may witness while deploying 5G networks. We faced similar obstacles and discussed workarounds with several global security teams spanning different network operators. Interestingly, we found that organisations worldwide struggle to find appropriate solutions and specific, actionable guidelines. Every 5G network rollout will experience challenges, given that individual networks are unique. Would it be difficult to define cybersecurity best practices that are easy to follow and get satisfactory results? We believe it is possible and will try to address each potential challenge and share inputs on our learnings and experience of resolving them successfully. We hope this will be helpful to you and your organisation as you prepare to roll out 5G networks. Stay Tuned! In our next Edition,we will explain a few best practices and protocols to protect against these threat vectors within the 5G ecosystem. 13

Recommended

An analysis of the security needs
An analysis of the security needsAn analysis of the security needs
An analysis of the security needs
Christian Miranda Moreira
 
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING MLSECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
IRJET Journal
 
Network Security Roadmap have some perception of provided security
Network Security Roadmap have some perception of provided securityNetwork Security Roadmap have some perception of provided security
Network Security Roadmap have some perception of provided security
slametarrokhim1
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
SecurityGen1
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdf
SecurityGen1
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGen
SecurityGen1
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
SecurityGen1
 
Security Gen Ensures Robust Telecom Security with Comprehensive Assessments
Security Gen Ensures Robust Telecom Security with Comprehensive AssessmentsSecurity Gen Ensures Robust Telecom Security with Comprehensive Assessments
Security Gen Ensures Robust Telecom Security with Comprehensive Assessments
SecurityGen1
 

Recommended

An analysis of the security needs
An analysis of the security needsAn analysis of the security needs
An analysis of the security needs
Christian Miranda Moreira
 
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING MLSECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
IRJET Journal
 
Network Security Roadmap have some perception of provided security
Network Security Roadmap have some perception of provided securityNetwork Security Roadmap have some perception of provided security
Network Security Roadmap have some perception of provided security
slametarrokhim1
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
SecurityGen1
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdf
SecurityGen1
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGen
SecurityGen1
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
SecurityGen1
 
Security Gen Ensures Robust Telecom Security with Comprehensive Assessments
Security Gen Ensures Robust Telecom Security with Comprehensive AssessmentsSecurity Gen Ensures Robust Telecom Security with Comprehensive Assessments
Security Gen Ensures Robust Telecom Security with Comprehensive Assessments
SecurityGen1
 
Unlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone SolutionsUnlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone Solutions
Security Gen
 
5G_Upload.docx
5G_Upload.docx5G_Upload.docx
5G_Upload.docx
Sun Technologies
 
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdfSecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
Security Gen
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislation
PositiveTechnologies
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
IRJET Journal
 
Best 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenBest 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGen
Security Gen
 
5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf
Security Gen
 
5G Security Program -Case Studies
5G Security Program -Case Studies 5G Security Program -Case Studies
5G Security Program -Case Studies
Security Gen
 
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen1
 
Security Models in Cellular Wireless Networks
Security Models in Cellular Wireless NetworksSecurity Models in Cellular Wireless Networks
Security Models in Cellular Wireless NetworksWilliam Chipman
 
Security_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdfSecurity_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdf
4nm18is123SunidhiSir
 
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachScaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
F5 Networks
 
Fb34942946
Fb34942946Fb34942946
Fb34942946
IJERA Editor
 
Whitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco IndustryWhitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco Industry
aap3 IT Recruitment
 
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling SecurityElevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
SecurityGen1
 
SecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security ServicesSecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security Services
SecurityGen1
 
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection SolutionsProtecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
SecurityGen1
 
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
SecurityGen1
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
SecurityGen1
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
Security Gen
 
Protect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions TodayProtect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions Today
Security Gen
 
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdfSecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
Security Gen
 

More Related Content

Similar to Address 5G Vulnerabilities with SecurityGen's Expert Solution

Unlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone SolutionsUnlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone Solutions
Security Gen
 
5G_Upload.docx
5G_Upload.docx5G_Upload.docx
5G_Upload.docx
Sun Technologies
 
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdfSecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
Security Gen
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislation
PositiveTechnologies
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
IRJET Journal
 
Best 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenBest 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGen
Security Gen
 
5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf
Security Gen
 
5G Security Program -Case Studies
5G Security Program -Case Studies 5G Security Program -Case Studies
5G Security Program -Case Studies
Security Gen
 
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen1
 
Security Models in Cellular Wireless Networks
Security Models in Cellular Wireless NetworksSecurity Models in Cellular Wireless Networks
Security Models in Cellular Wireless NetworksWilliam Chipman
 
Security_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdfSecurity_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdf
4nm18is123SunidhiSir
 
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachScaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
F5 Networks
 
Fb34942946
Fb34942946Fb34942946
Fb34942946
IJERA Editor
 
Whitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco IndustryWhitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco Industry
aap3 IT Recruitment
 
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling SecurityElevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
SecurityGen1
 
SecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security ServicesSecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security Services
SecurityGen1
 
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection SolutionsProtecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
SecurityGen1
 
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
SecurityGen1
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
SecurityGen1
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
Security Gen
 

Similar to Address 5G Vulnerabilities with SecurityGen's Expert Solution (20)

Unlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone SolutionsUnlock the Future: SecurityGen's 5G Standalone Solutions
Unlock the Future: SecurityGen's 5G Standalone Solutions
 
5G_Upload.docx
5G_Upload.docx5G_Upload.docx
5G_Upload.docx
 
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdfSecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
SecurityGen-Cybersecurity-perspective-on-mwc-themes.pdf
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislation
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
 
Best 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenBest 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGen
 
5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf
 
5G Security Program -Case Studies
5G Security Program -Case Studies 5G Security Program -Case Studies
5G Security Program -Case Studies
 
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
 
Security Models in Cellular Wireless Networks
Security Models in Cellular Wireless NetworksSecurity Models in Cellular Wireless Networks
Security Models in Cellular Wireless Networks
 
Security_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdfSecurity_for_5G_Mobile_Wireless_Networks (1).pdf
Security_for_5G_Mobile_Wireless_Networks (1).pdf
 
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachScaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
 
Fb34942946
Fb34942946Fb34942946
Fb34942946
 
Whitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco IndustryWhitepaper - Software Defined Networking for the Telco Industry
Whitepaper - Software Defined Networking for the Telco Industry
 
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling SecurityElevate Safety with Security Gen: Unraveling the Power of Signaling Security
Elevate Safety with Security Gen: Unraveling the Power of Signaling Security
 
SecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security ServicesSecurityGen's Pioneering Approach to 5G Security Services
SecurityGen's Pioneering Approach to 5G Security Services
 
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection SolutionsProtecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
Protecting Your Text Messages: SecurityGen's SMS Fraud Detection Solutions
 
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
Securing the Future Safeguarding 5G Networks with Advanced Security Solutions...
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
 

More from Security Gen

Protect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions TodayProtect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions Today
Security Gen
 
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdfSecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
Security Gen
 
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
Security Gen
 
SecurityGen - Your Shield Against Cyber Threats
SecurityGen - Your Shield Against Cyber ThreatsSecurityGen - Your Shield Against Cyber Threats
SecurityGen - Your Shield Against Cyber Threats
Security Gen
 
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdfSecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
Security Gen
 
Why the VoLTE Rush?
Why the VoLTE Rush?Why the VoLTE Rush?
Why the VoLTE Rush?
Security Gen
 
Shield Your Network: Prevent DDoS Attacks with SecurityGen
Shield Your Network: Prevent DDoS Attacks with SecurityGenShield Your Network: Prevent DDoS Attacks with SecurityGen
Shield Your Network: Prevent DDoS Attacks with SecurityGen
Security Gen
 
Fake BTS Network Vulnerabilities
Fake BTS Network VulnerabilitiesFake BTS Network Vulnerabilities
Fake BTS Network Vulnerabilities
Security Gen
 
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
Security Gen
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
Security Gen
 
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
Security Gen
 
ACE: ARTIFICIAL CYBERSECURITY EXPERT
ACE: ARTIFICIAL CYBERSECURITY EXPERTACE: ARTIFICIAL CYBERSECURITY EXPERT
ACE: ARTIFICIAL CYBERSECURITY EXPERT
Security Gen
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
Security Gen
 
IDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORMIDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORM
Security Gen
 
NGFW - An Updated Overview
NGFW - An Updated Overview NGFW - An Updated Overview
NGFW - An Updated Overview
Security Gen
 
Securing the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdfSecuring the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdf
Security Gen
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
Security Gen
 
SecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdfSecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdf
Security Gen
 
Securing the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdfSecuring the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdf
Security Gen
 
SecurityGen-Signaling-Threats-in-Latam.pdf
SecurityGen-Signaling-Threats-in-Latam.pdfSecurityGen-Signaling-Threats-in-Latam.pdf
SecurityGen-Signaling-Threats-in-Latam.pdf
Security Gen
 

More from Security Gen (20)

Protect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions TodayProtect Your Network_ Invest in Telco Security Solutions Today
Protect Your Network_ Invest in Telco Security Solutions Today
 
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdfSecurityGen-IDS-enhance-your-signalling-security (1).pdf
SecurityGen-IDS-enhance-your-signalling-security (1).pdf
 
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom SecuritySecurityGen: Your Trusted Partner for Unrivaled Telecom Security
SecurityGen: Your Trusted Partner for Unrivaled Telecom Security
 
SecurityGen - Your Shield Against Cyber Threats
SecurityGen - Your Shield Against Cyber ThreatsSecurityGen - Your Shield Against Cyber Threats
SecurityGen - Your Shield Against Cyber Threats
 
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdfSecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
SecurityGen-VoLTE-article-What's-wrong-with-fast-VoLTE-deployments.pdf
 
Why the VoLTE Rush?
Why the VoLTE Rush?Why the VoLTE Rush?
Why the VoLTE Rush?
 
Shield Your Network: Prevent DDoS Attacks with SecurityGen
Shield Your Network: Prevent DDoS Attacks with SecurityGenShield Your Network: Prevent DDoS Attacks with SecurityGen
Shield Your Network: Prevent DDoS Attacks with SecurityGen
 
Fake BTS Network Vulnerabilities
Fake BTS Network VulnerabilitiesFake BTS Network Vulnerabilities
Fake BTS Network Vulnerabilities
 
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
 
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
SecurityGen 5G Cyber-security Lab - A holistic 5G view for building a safe & ...
 
ACE: ARTIFICIAL CYBERSECURITY EXPERT
ACE: ARTIFICIAL CYBERSECURITY EXPERTACE: ARTIFICIAL CYBERSECURITY EXPERT
ACE: ARTIFICIAL CYBERSECURITY EXPERT
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
 
IDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORMIDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORM
 
NGFW - An Updated Overview
NGFW - An Updated Overview NGFW - An Updated Overview
NGFW - An Updated Overview
 
Securing the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdfSecuring the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdf
 
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOMTELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
TELCO WORKLOADS IN HYPERSCALER CLOUDS SECURITY IN THE 5G CONTROL ROOM
 
SecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdfSecurityGen-IDS_case_study.pdf
SecurityGen-IDS_case_study.pdf
 
Securing the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdfSecuring the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdf
 
SecurityGen-Signaling-Threats-in-Latam.pdf
SecurityGen-Signaling-Threats-in-Latam.pdfSecurityGen-Signaling-Threats-in-Latam.pdf
SecurityGen-Signaling-Threats-in-Latam.pdf
 

Recently uploaded

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
QADay
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Newntide latest company Introduction.pdf
Newntide latest company Introduction.pdfNewntide latest company Introduction.pdf
Newntide latest company Introduction.pdf
LucyLuo36
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 

Recently uploaded (20)

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Newntide latest company Introduction.pdf
Newntide latest company Introduction.pdfNewntide latest company Introduction.pdf
Newntide latest company Introduction.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 

Address 5G Vulnerabilities with SecurityGen's Expert Solution

  • 1. Decoding the ecosystem and its vulnerabilities www.secgen.com Edition 1, Sep 2022 5G
  • 2. 02 This paper covers the following points 1.1 Security still an after-thought Best practices and guidance: are these enough, clear and practical? Business Challenges 1 Technical Challenges 2 False assumptions - The security paradox 1.2 1.3 Conclusion 3 2.1 New and old threats brought to 5G by reused technologies and backward compatibility Threats and security deficiencies original to 5G that were not observed before 2.2
  • 3. 03 The adoption of 5G is set to transform global connectivity and spark large-scale disruption in telecommunications and IoT (Internet of Things). Projected to add USD 1.3 TN to the worldwide GDP by 2030, 5G networks are making it possible for billions of different devices to connect and interact with each other at speeds that are 10x faster and with lower latency. However, with all the excitement around the many benefits that 5G offers, it is easy to forget that this ground-breaking technology requires the simultaneous management of multiple networks — 3G, 4G, and 5G, and new technologies, each with their own complexities and vulnerabilities. As we pursue a more digitally connected future, anticipating the demands of 5G security while mitigating and managing existing threats will become critical to providing network security and ensuring customer trust. Therefore, understanding 5G security implications is crucial to our ability to secure the ecosystem of devices and applications that sprout from that network. Also, we need to know how network operators and organizations can manage these challenges and build a 5G network based on trust and security. Over the past half year, we have worked closely with our clients as they prepared and rolled out 5G networks. And during these engagements, we identified a list of issues and possible threat vectors which could tamper with network security. In this edition, we will discuss these security challenges under two heads – business and technical issues.
  • 4. There is a general assumption among organizations that 5G networks are cyber-resilient by default. And nothing else needs to be done once deployed as 3GPP assigned vendors, and all the expert geeks have already taken care of everything – embedding cybersecurity into the architecture of the new networks. Well, it is only partially true. There are dramatic changes, improvements and new security features in 5G compared to previous generations. But on the other hand, the type of system complexity, the amount of technologies utilized inside (yes, 5G is not monolithic), and the way we will rely on this communication system raises potential security requirements sky high for 5G. Are all the networks able to meet these security requirements? Nobody is sure about that. So, it’s not the right time for companies to feel fluffy and relaxed that somebody takes care of security – it should be each one’s responsibility. This is not the time to relax and think that nothing needs to be done. 04 False assumptions - The security paradox 1.1 BUSINESS CHALLENGES
  • 5. 05 Best practices and guidance: are these enough, clear and practical ? 1.2 Previous generations of telecom networks provided practically no particular security requirements in the form of standards. Security measures were often described in a short section of protocol specifications or even just in the text of the call-flow descriptions. However, the 5G network deployment has not only made service and standardization necessary, but there is an additional need to consider the integration of virtualization elements, edge computing, front-haul, and back-haul network configurations. Thus, there is an extensive list of available 3GPP and GSMA 5G security specifications, but a lack of mass deployment of 5G SA networks and a severe shortage of skill and expertise creates a hindrance. This situation limits these specifications to an architectural or conceptual nature against real-life network threats and protection. The GSMA also released a list of specifications: FS.31 Baseline Security Controls FS.34 Key Management for 4G and 5G inter-PLMN Security FS.35 Security Algorithm Implementation Roadmap FS.36 5G Interconnect Security FS.39 5G Fraud Risks Guide FS.40 5G Security Guide
  • 6. 1.3 Security still an after-thought 06 As the world pursues a more digitally connected future, we must focus more on cybersecurity. The greatly expanded and multi-dimensional nature of 5G networks makes them vulnerable to multiple threats (just read ENISA 5G thread scape, it is a horror story!). And when security is not included in the fabric of business development, it tends to become a patching-up and chasing exercise that is expensive and leads to much more damage and losses not just for customers but overall brand reputation and trust. It is, therefore, critical for network operators and organizations to understand and establish risk-informed cybersecurity investments upfront. Network security must not be treated as an afterthought - the cost associated with missing a proactive 5G cybersecurity opportunity will be significantly larger than the cost of implementing cyber diligence upfront. 2.1 Threats and security deficiencies original to 5G that were not observed before Not only are the 5G networks new for network owners and users, but a few security threats are also unique to the 5G ecosystem. Let’s look at these security issues and challenges. TECHNICAL CHALLENGES
  • 7. 07 Managing TLS keys and certificates are not trivial while deploying many network elements. SBA protocols and vulnerabilities 5G networks are based on a Service Based Architecture (SBA) that allows interconnected Network Functions (NFs) to communicate with each other. This new set-up implies transitioning from the classical point-to-point messaging for the telecommunications world to the standard bus paradigm (service-based interfaces (SBIs). Traffic encryption (TLS) and the use of the protocol for authorization of network functions (OAuth2.0) are the leading measures to ensure the confidentiality, integrity, and availability of the 5G control plane. Although the support of these mechanisms is mandatory for telecom equipment vendors, mobile operators are in no hurry to implement authentication and authorization of network elements when deploying 5G networks. These results in associated challenges: During the implementation of monitoring tools (e.g. IDS) on SBI, the function of exchanging keys through closed channels for decrypting signal traffic needs proper management. Vulnerabilities within OAuth2.0 can potentially lead to DDoS attacks on the authorization service - NRF, which entails a complete denial of service of the entire operator's network.
  • 8. 08 HTTP/2 and exposure of APIs In 5G networks, the interaction of all network elements takes place via the HTTP/2 protocol. While this helps simplify the implementation process and speeds up the overall development function. The description of services via open API attracts new players to develop the network elements and solutions. This competitive landscape created by multiple players does help reduce costs. But on the other hand, it also results in defective products due to new vendors' lack of telecom domain knowledge. More and more operators are moving to cloud-based deployments. This cloud-based setup helps reduce the standalone network implementation costs and enables operability and scalability. But some critical points need attention in this setup - UDR, where sensitive subscriber information (Ki, subscriber profile data) is stored, should be in a separate network security group from other network functions. This measure will help protect sensitive data from unauthorized access in the event of an outside attack on the network. The broad applicability of HTTP/2 in the world allows telecommunication equipment vendors to use it in developing a wide range of technologies supported everywhere by the world community. While this reduces the risk of incorrect operation in the final product and simplifies the process of introducing new features. It also opens pathways for potential attackers to develop tools for exploiting vulnerabilities. The ability to connect third-party services to the fifth-generation network makes it more flexible and allows operators to introduce all kinds of services into their networks. Connecting these services directly to the operator's network also entails some security risks. A compromised network of even one of the partners can become a potential new attack vector for operator’s network.
  • 9. SIM management and STK vulnerabilities The most common attacks allow an attacker to steal information about the subscriber's location, their device identifier (IMEI) and cell tower (Cell ID), as well as force the phone to dial a number, send SMS, open a link in a browser, and even disable the SIM card. For more complex attacks, hackers can install their own SIM applets and change the settings of a compromised SIM card, thus taking a wait-and-see position in order to be ready to carry out a more complex attack at any given time. Many SIM cards store the current session key (Kc) in the SIM's shared memory, allowing STK applets to obtain such information in real-time and pass it on to an attacker. In the future, this information may let an attacker take control of the victim's connection. 2.2 New and old threats brought to 5G by reused technologies and backward compatibility 5G networks focus on real-time data processing and act as a transport layer for different services using other technologies. Thus, the application layer is a legacy of other technologies. Additionally, the vulnerabilities of these technologies are not included in the 5G security aspect but are reused in 5G networks, which poses a challenge to network owners. One such shared aspect is the SIM cards and the associated vulnerabilities. 09
  • 10. 10 gNodeB Attacker SIM-OTA SMS 5G Devices Factory Smart City Text Displayed Or No Effect Attack Successful Yes Fraud Wiretap Supply Chain Intellectual Property Theft TDOS/DDOS Persistence Attacks on AI/ML SIM-OTA SMS IOT No Robot Phone Car gNodeB Attacker SIM-OTA SMS 5G Devices Factory Smart City IOT Robot Car Fleet Control Shipping Camera Laptop Phone Infected Infected Infected Infected Infected Infected Drone Infected
  • 11. 5G networks do not have built-in security controls for SIM cards, enabling attackers to gradually establish their own rules inside the 5G domain, using captured SIM cards to steal funds, create authorised approvals, install malware, and conduct other illegal activities. In the context of 5G networks, this vulnerability of SIM cards has become a serious problem, especially considering the increasing number of connected devices. Although the SIM alliance has developed new 5G SIM standards for increased security, some network operators continue to use "old" SIM cards in fifth-generation networks, which is a cause of concern while ensuring security. 11 IMS EPC NGC LTE 5G-NR WIfi PSTN Cell Phone VoIP or SIP Software Threats of IMS and VoNR Another example of inherited vulnerability related to all Voice service – the origin of telephony.
  • 12. 5G networks will use Voice over New Radio (VoNR) – as part of their new architecture to offer significantly better sound quality and lower latency. VoLTE, VoWiFI and Vo5G are just technologies which describe the technical aspect of the connection between UE (user equipment) and IMS core. All IMS threats will also be present in any of these technologies. Below are common IMS threats. Disclosure of the network data Information about functional roles, vendors and models, software versions, and IP addresses. Also, it is possible to obtain information about the DNS names of some network nodes. With this data, an intruder can attack network elements and subscribers via network scans and eavesdropping on signalling traffic. Disclosure of subscriber data It was possible to obtain subscriber information such as IMEI (phone model or OS model), subscriber location, mobile device network status, subscriber account status, and list of enabled services via IMS procedures. With this information, any subscriber in the customer's network can get information of another subscriber via short call (without the answer). Denial of Service (DoS) Caused by attacks on individual subscribers or network elements. The consequences can range from reputational damage, subscriber churn and a negative impact on profitability. Fraud Can be committed by bypassing online charging systems, making calls and sending SMS at the expense of another subscriber, illegally activating services or disabling limitations set by the operator. These attacks initiated via call & IP address spoofing, call interception, supplementary services manipulation, and unauthorized use of operator resources might bring reputational and financial losses caused by unpaid calls and potential legal actions. 12
  • 13. SecurityGen is a global company focused on telecom security. We deliver a solid security foundation to drive secure telecom digital transformations and ensure safe and robust network operations. About SecurityGen UK | Italy | Czech Republic | Brazil | Mexico India | South Korea | Japan | Malaysia | UAE Email: contact@secgen.com Website: www.secgen.com Connect With Us CONCLUSION Firstly, the above examples do not cover the entire industry spectrum. Nor is it a summary of common trends. They are a quick compilation of challenges you may witness while deploying 5G networks. We faced similar obstacles and discussed workarounds with several global security teams spanning different network operators. Interestingly, we found that organisations worldwide struggle to find appropriate solutions and specific, actionable guidelines. Every 5G network rollout will experience challenges, given that individual networks are unique. Would it be difficult to define cybersecurity best practices that are easy to follow and get satisfactory results? We believe it is possible and will try to address each potential challenge and share inputs on our learnings and experience of resolving them successfully. We hope this will be helpful to you and your organisation as you prepare to roll out 5G networks. Stay Tuned! In our next Edition,we will explain a few best practices and protocols to protect against these threat vectors within the 5G ecosystem. 13