How to Address 5G Security Concerns using Threat Modeling

5G technology is poised to transform the world of telecommunications with unprecedented speeds of data transfer. For example, it promises 100 times the data transfer speed of 4G or LTE with a network latency of less than 1 millisecond. In other words, issues like latency are going to be a thing of the past, with digital transfer of data across systems supposed to take place in the blink of an eye. Statistically speaking, the rollout of 5G technology is expected to reach one-third of the population globally by 2025. In fact, global infrastructure spending towards 5G is likely to increase by 22% in 2022, crossing $23 billion (source: Gartner).

However, notwithstanding the growth that experts forecast, 5G can be subjected to a host of security issues as well. Given the growth prospects and comprehensive coverage of 5G, it is unlikely that cybercriminals are going to give it a miss. Security experts fear that 5G networks can be subjected to DDoS and other types of attacks through compromised IoT devices or systems. So, should proper security measures such as rigorous 5G security testing not be implemented with the rollout of 5G, the benefits of this technology could wither away in the maelstrom of cybersecurity issues. Let us understand the security concerns surrounding 5G and how threat modeling can help mitigate them.

What are the 5G security concerns?

Along with the benefits of this technology, 5G can encompass several security concerns, as mentioned below:

Network Functions Virtualization (NFV): NFV enables network slicing and virtualizes network functions on devices such as routers, firewalls, and load balancers. These functions are run by utilizing virtual network functions (VNFs) as packaged software sitting on virtual machines. The virtualization of network functions can generate vulnerabilities such as DDoS and malware. These should be identified by the 5G security testing exercise and addressed thereon.

Software Defined Networking (SDN): In addition to NFV, SDN technology uses network management to separate the control and forwarding planes. SDNs extract the underlying infrastructure from the network services and apps and enable programmable network controls. By virtue of being centralized and controllable, SDNs deliver the much-needed agility to adapt to the needs of 5G services. However, in spite of their benefits, SDNs are vulnerable to cyber threats such as device attacks, counterfeit traffic flows, control pane threats, and much more.

Microservices: The core of 5G comprises a service-based architecture where microservices are crucial to its development. These are more customizable, agile, and flexible than monolithic applications. Besides, microservices are faster to develop and relatively easier to maintain. These are often deployed over multiple clouds and/or VMs, thereby increasing the attack area for threat actors. The use of API-linked microservices to launch attacks, as well as the rapid change of applications built with microservices, can increase the risk of vulnerabilities even further.

Use of new technologies and platforms: Technologies and methodologies such as virtualization, cloud, edge computing, containerization, and DevOps play a crucial role in 5G. They provide the necessary ultra-low latency, flexibility, cost-savings, agility, and high bandwidth for 5G. However, they also add complex attack paths and increase the attack surface, thereby making it difficult to detect threats.

How to address security concerns with threat modeling

As discussed above, 5G encompasses a lot of functional elements and factors, which make it vulnerable to security threats. So, the most important step to securing a 5G network in 5G assurance testing is building a threat model. Threat modeling enables 5G testing companies to assess risks facing the application, including the consequences of not addressing the risks. Threat modeling allows security engineers to identify risks on a priority basis and resolve them based on the level of security. In fact, threat modeling experts not only limit their risk assessment to a predefined list but also look for any new types of attacks.

The five steps to building a threat model for 5G are

l Define the user-side assets and different networks that are susceptible to coordinated or random attacks.

l For every individual asset, create a list of potential threat actors - internal and external.

l Find out the type of action the threat actors are likely to take to cause the breach of assets.

l Create a list of threats by analyzing the factors and prioritizing the threats based on their likelihood of succeeding and the level of damage they can cause to the assets.

l Create an action plan to address the identified threats.

Conclusion

5G is going to be fundamentally different from any existing technology, such as 4G, LTE, and others. With its rollout across sectors and an increase in the attack surface, experts fear the systems and architectures using 5G are likely to be subjected to a fusillade of security attacks. However, with threat modeling as part of 5G application testing, the threats and their risks can be identified and mitigated. Thereafter, penetration testing is conducted for testing 5G networks based on the findings of threat modeling.

James Daniel is a software Tech enthusiastic & works at Cigniti Technologies. I'm having a great understanding of today's software testing quality that yields strong results and always happy to create valuable content & share thoughts.