The Department of Homeland Security (DHS) / Cyber Security and Infrastructure Security Agency (CISA) assesses that the fifth generation mobile network (5G) will present opportunities and challenges, And its implementation will reveal weaknesses related to supply chain, deployment, network security and so on Competition and loss of reliable options.
Using 5G components manufactured by untrusted companies, malicious software and hardware to US entities, Components caused by simulated components and poor manufacturing processes and maintenance procedures may put them at risk of defects. 5G moile phones technology hardware, software, and services provided by untrusted entities may increase the risk of compromising the privacy, integrity, and availability of network assets. Even though US networks are secure, American data traveling abroad through unreliable telecommunications networks is potentially at risk of interception, manipulation, disruption, and destruction.
- 5G will use more components than previous generations of wireless networks, and the proliferation of 5G infrastructure may provide more attack vectors to malicious actors. The effectiveness of 5G’s security enhancements will depend partly on proper implementation and configuration.
- Despite an increase in security compared to previous generations, it is unknown what new weaknesses can be discovered in the 5G network. In addition, 5G is based on previous generations of wireless networks and will initially be integrated into a 4G long-term evolution (LTE) network with some legacy weaknesses.
- Non-trusted companies may be less likely to participate in interoperability efforts. Custom 5G technologies that do not meet interoperability standards can be difficult to update, repair, and change. This potentially increases the lifecycle cost of the various types of product and delays 5G deployment if the equipment requires replacement. Lack of interoperability can also have a negative impact on the competitive market as companies can be excluded if the available competitive market decreases.
The United States government can manage these vulnerabilities and increase the security of communication networks as 5G is adopted:
- To encourage the continued development of reliable 5G technologies, services and products.
- To encourage the continued reliable development of future generations of communication technologies.
- Promote international standards and procedures that are open, transparent, consensus-driven and that do not harm reliable companies.
- Limiting the adoption of 5G devices with known or suspected weaknesses.Continuous engagement with the private sector on risk identification and mitigation efforts.
- Ensuring strong security capabilities for 5G applications and services.
History of Cellular Communication
In 1982, the first cellular wireless generation(G) was launched in the United States, using analog communications to provide basic speech service. Since then, wireless providers have introduced new wireless generation almost every 10 years, increasing data throughput and reducing latency. Digital transmission in the air introduced in 2G replaced analog and supported data services for mobile devices. 2G technologies enabled capabilities such as text and picture messaging. 3G was introduced with the upgrade of existing networks and new mobile devices, which introduced the Global Positioning System (GPS), Introduced data overlays to support data capabilities such as video conferencing and multi-media streaming. 4G changed the way media was consumed, making it possible to make a wide-scale shift from downloading content on home computers to streaming content on mobile devices. As of of June month in the year of 2019, 4G is the primary wireless standard used in the United States, However 2G and 3G are still used exclusively in some rural areas where 4G coverage is lacking. Two versions of 4G were released following the original standard: (LTE) and LTE Advanced (LTE-A). Both releases updated the existing 4G network and significantly improved its upload and download speeds. 4G, however, is unable to support the needs of a developed telecommunications industry with billions of connected devices and growing data requirements. Development of wireless generations since 1982, including the expected comprehensive rollout of 5G.
What is 5G?
5G is the next generation of cellular wireless network technology that represents a complete transformation of telecommunications networks. Combining new and legacy technology and infrastructure, 5G will be based on previous generations in development over many years using existing infrastructure and technology. 5G builds existing telecommunications infrastructure by improving the bandwidth, capacity and reliability of wireless broadband services. Development will take years, but the goal is to meet growing data and communication requirements, including the capacity of tens of billions of connected devices that will build the Internet of Things (IoT), Time communication and fast speed to support ultra-low latency emerging technologies required for critical near-reality. As of June month in the year of 2019, 5G cellular networks and technologies are under development with limited rollout in select cities around the world, including 20 cities in the United States.
How will 5G work?
Wireless communication traditionally transmits data at low-band radio frequencies. At these low-band frequencies, waves are penetrating (can pass through walls and other materials) and can travel long distances, And can therefore use large, macro cellular towers to cover a large geographic area. The 5G wireless system will transmit and receive radio signals at low-, medium- and high-band radio frequencies. Expanding the range of use of wireless frequency devices will help reduce wireless traffic congestion by increasing capacity, and greater throughput, Increasing requirements for low latency and high speed can be met. The speed of high frequency waves will improve but they will be less penetrating and have lower transmission limits (possibly hundreds of meters instead of kilometers). A full complement of spectrum frequencies (low, middle and high) will be required for 5G because each frequency type offers unique benefits and challenges.
In many instances, 5G conventional macro cellular towers and non-conventional, small deployments, such as small cell and micro cell-short cellular towers that transmit short-range radio signals, With components built on both systems will depend on a new physical architecture. . In addition to connecting directly to base stations, wireless cellular devices will be able to connect to local small cells, which will then relay data to macro cellular towers through additional small cells. The architecture required to support 5G will depend on the geography and spectrum bands used to provide the service. In many instances, supporting 5G connectivity, streetlights, street signs, homes, Small cells will need to be widely deployed in cities to receive and transmit signals from locations such as vehicles and businesses.
In areas with small cells insufficient to handle 5G traffic, wireless cellular devices may return to 4G or other previous wireless network generations. However, the lack of small cells does not mean that 5G is not possible; 5G speed and capacity may be available through other 5G architectures. Figure three divides the key components of 5G networking into user equipment, radio access networks (RANs), and core networks, and shows market leaders in each region. The purpose of this network architecture with related vendors is to be high level. Additional descriptors will result in a detailed list of primary vendors, including additional US-based vendors.
How will technology use 5G?
5G’s high speed, increased bandwidth and low latencies will advance emerging and developed technologies – including autonomous vehicles, augmented and virtual reality, remote medical procedures and IoT। Low-, within wireless spectrum, Middle and high-band radio frequencies have unique features that can be used to meet different usage requirements within a 5G infrastructure. For example, augmented / virtual reality will require higher upload and download speeds, while autonomous vehicles will require ultra-low latency to ensure almost instantaneous response. In 2016, standards and regulatory bodies classified three primary methods, the seventh technology would use 5G; Ultra-credible low-latency communications (URLLC), advanced mobile broadband (EMBB), Massive Machine Type Communications (MMTC).
When will 5G be available?
5G began its rollout in the United States in 2018, but widespread availability is dependent on many factors, Including the finalization of the International Telecommunications Union (ITU)x and the Third Generation Partnership Project (3GPP)xi standard, federal regulation of spectrum, network implementation and Development and production of 5G networks and equipment. Systems that use a broad range of spectrum, such as automotive and industrial automation and virtual reality, Smart phones will be supported as 5G technology and infrastructure continue to develop. Extensive use of standalone 5G networks is not expected until at least 2022। In the interim, the continued rapid growth of connected devices will use 4G, 4G LTE and 4G / 5G hybrid infrastructure for Internet connectivity.
Developing 5G standards, 5G standards have addressed known security vulnerabilities from previous wireless generations and home routing, Enhanced security of 5G with encryption and network slicingxii. As of June 2019, 15 standards released for 5G have been met। Release 16 standards are expected to be finalized in December 2019 as soon as possible. 5G development and standard development will continue after the completion of Release 16 Standard-spectrum bands, led by 3GPP and ITU, determine technical specifications, including radio interface technology, network architecture, and network virtualization.
In 2015, ITU created International Mobile Telecommunications 2020 (IMT-2020), Describing technical standards such as minimum speed and use cases and specifying a timeline for the development of 5G standards. 3GPP is evolving and will present candidate technologies and specifications for IMT-2020। In December 2017, 3GPP confirmed the non-standalone (NSA) xiii 5G New Radio (NR) specification, which enabled vendors to start manufacturing 5G components. In June 2018, the standalone (SA) xiv version was completed; 5G SA defines control aircraft capabilities and user specifications for the new 5G core network architecture. 3GPP is aiming for its final presentation in IMT-2020 by the end of 2019.
Federal regulations and activities
The Federal Communications Commission (FCC) is a US government agency that manages commercial spectrum usage. The FCC has designated a large block of under-used high band spectrum for 5G and 6,000 licenses in the 28 GHz and 24 GHz bands for communications companies is auctioning. FCC has concluded its first high-band 5G spectrum auction on May 28, 2019 in both the 28GHz and 24GHz bands. Additional auction of various spectrum bands is planned for 2019. FCC will provide additional spectrum for 5G services, including:
- Low-band: FCC with targeted changes in the 600 MHz, 800 MHz and 900 MHz bands, 5G is working to improve the use of low-band spectrum (useful for wide coverage) for services.
- Mid-band: Exploring a shared service framework in the 3.5 GHz band and developing the next steps for terrestrial use in the 3.7 GHz band, among other bands.
- High-band: releasing spectrum at the frontier of the spectrum chart, including spectrum auctions in the 24 and 28 GHz bands, and 37, A 2019 auction is planned in the 39 and 47 GHz bands, with additional bands still being explorers for potential terrestrial wireless use.
A major place of collaborative work between the government and the private sector is the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC)। CSRIC is a federal advisory committee made up of members from both the private sector and the government. Its mission is to provide recommendations to the FCC to ensure, among other things, the security and reliability of communications systems, including telecommunications, media, and public safety. DHS participates in CSRIC efforts on cyber security and communications network security, complementing DHS’s role as a sector-specific agency for the communications sector.
5G deployment in the United States
As of June 2019, 5G networks and technologies are still under development and have started on a limited basis in cities. The full benefit of 5G cellular network technology may not be available during this initial deployment, as either users do not have 5G enabled devices that can use 5G networks, Or because there is insufficient base structure to access 5G enabled devices.
An American carrier deployed a fixed 5G network in four US cities in October 2018, which would benefit 5G signals but would not provide mobile access to 5G networks. This home broadband service is a standard deployment and does not meet the globally recognized 5G standard, However the company says it will adopt the industry standard in 2019 when it starts 5G mobile service for phones. A second US carrier deployed a mobile 5G network in 12 US cities in December 2018, However, 5G mobile hotspots with limited availability are the only devices capable of using 5G networks; The 5G enabled smartphone is expected to be available in 2019. Two additional US carriers are aiming for 2020 for full nationwide 5G coverage with limited rollout starting in 2019. Many of these devices are enabled by a 5G modem developed by a leading American chip manufacturer, Which 18 international original equipment manufacturer (OEM) companies and 19 wireless network operators have committed to use in tests.
5G Weaknesses
The move towards 5G presents opportunities to increase security and create a better user experience; However, this results in supply chain, deployment, There may be weaknesses related to network security and competition and loss of options. Although not all inclusive, there are a variety of weaknesses that could increase the risk for the United States as the nation’s networks are shifting to 5G, Including: reliance on untrusted entities and the global supply chain, lack of participation by untrusted companies in interoperability efforts, increase in size of 5G infrastructure, Integration within existing weak networks, and incredible company development of custom codes for ICT components.
Supply Chain
The use of 5G components manufactured by untrusted companies can expose us. Institutions against the risks posed by malicious software and hardware; Counterfeit components; And component defects due to poor manufacturing processes and maintenance procedures.
Although equipment designed and manufactured by reliable suppliers is not immune to manipulation, But devices produced or otherwise handled by untrusted partners present a greater risk of introduction of malicious or unintentional vulnerabilities. Counterfeit components and the insertion of malicious software and hardware are some examples of such weaknesses. Even if ICT components are purchased from trusted companies, the company can maintain production facilities abroad that may be sensitive to supply chain risk. Compromised components can affect network performance and compromise the privacy, integrity and availability of network assets. In addition, compromised devices can provide malicious actors with consistent access to 5G networks and the ability to intercept data coming through the device. Compromised devices can infect connected computers, phones, and other devices with malware and re-route data, Can be changed or removed. Unbelievable companies that have significant international market share within telecommunications networks may bring risks, even if they do not have a large presence within the US network. Therefore, even if the US network is completely secure, data traveling abroad can pass through unreliable telecommunications networks and potentially intercept, manipulate, May be sensitive to disruption or destruction.
Network Security
Despite the increase in security compared to previous generations, it is unknown what new weaknesses can be discovered in the 5G network.
Component manufacturers and service providers are developing technologies and security specifications to reduce vulnerabilities in wireless networks. 5G will deliver ICT components and data management to the edge of the network, network slicing, edge computing power, device management, Will increase security through authentication functions and automated threat detection and response. Network slicing, if implemented properly, should limit an attacker’s ability to access critical areas within the network. Moving tasks to the edge of the network will increase computing and network management power, which will secure traffic and prevent intrusion into the core network system. Despite 5G security reforms, Like all new technologies, it is likely that 5G tools and protocols will inadvertently have weaknesses that may expose components and data to exploitation. Even though security updates are issued, some entities may be slow to implement them for several reasons, such as the potential impact on operations by taking the system offline. Therefore any weaknesses inherent in 5G technologies can be exploited even after solutions are developed.
5G is based on previous generations of wireless networks and will initially be integrated with 4G LTE networks, with some chronic weaknesses, Including potentially unreliable components.
5G network technologies are being designed to be more secure than previous mobile network generations, And organizations and standards bodies continue to increase security in previous wireless networks, including protecting core networking systems from malicious edge networking devices. However, 5G technologies will initially apply to existing 4G long-term evolution (LTE) networks, which have huge weaknesses. These may be due, inadvertently, to the technical weaknesses inherent in the network, or to the integration of 5G technologies into unreliable 4G and 4G LTE networks. The legacy of security settings, permissions and technical specifications from an untrusted core network can negate the underlying 5G device security.
5G Deployment
The proliferation of 5G networks can provide malicious actors with more attack vectors to prevent, manipulate, interrupt, and destroy critical data.
5G cellular network technology will use more components than previous generations of wireless networks and prevent, manipulate, critical data near malicious actors, There may be additional vectors to interrupt and destroy. This infrastructure of 5G cellular network technology will likely include cellular towers, beamforming, small cells and mobile devices, but this is not limited to them.
Unlike traditional cellular towers, small cells will be intensively deployed in metropolitan areas, which will live on pillars of light, trees, houses, corners of the building, and retail outlets. Although small cells are designed with physical security features, they can still be compromised through physical access. It allows malicious actors frequent illegal access to 5G networks, Providing the ability to intercept data routed through the device and the opportunity to carry out service denial (DOS) attacks on devices that communicate with that small cell can compromised small cells can also provide malicious actors with the ability to clone devices, thereby calling replication, Allows data to be used and add charges.
While it is possible to use small cells for information extraction or disruption, The use of such a method would require a high degree of sophistication and is unlikely to provide access to large amounts of data. As of June 2019, there has been no confirmation of using 5G small cells to exploit wireless systems, however, Researchers have demonstrated this capability with small cells in 4G wireless systems.
In 2013, a pair of security researchers made voice calls to any handset connecting to the device, Explained in detail its ability to use a small cell to intercept data and SMS text messages. Security researchers also demonstrated the ability to clone a cell phone, allowing hackers to make calls by impersonating the device, Can send text and use data.
The effectiveness of 5G security enhancements will depend partly on proper implementation and configuration.
Advanced security features in 5G protocols and technologies will improve communication security but will require proper configuration and implementation. Since municipalities, many companies and organizations in whole world build their own local 5G networks technologies , it is possible that they will not implement 5G network security properly and completely . Improperly deployed, configured or managed 5G technologies devices and networks can be sensitive to interception, disruption and manipulation.
Loss of competition and reliable options
Incredible companies may be less likely to participate in interoperability efforts, This would make it difficult for potentially reliable companies to compete and limit the availability of reliable communication technologies.
Section 889 of the 2019 National Defense Authorization Act (NDAA) prohibits federal agencies from purchasing certain equipment and services from Huawei and ZTE, the world’s two largest manufacturers of telecommunications equipment. Although their share in the US telecommunications market is limited, these companies have an internationally significant market share and may be less likely to participate in interoperability efforts। Evidence of this is the lack of participation in the O-RAN Alliance, a collection of telecommunications organizations that work towards open and interoperable architectures.
Communications network operators who previously purchased 4G cellular network devices from a company like Huawei that uses proprietary interfaces in their technologies, They cannot easily use other vendors’ equipment for 5G. The proprietary interface locks customers into a single vendor purchase cycle, which can negatively affect competitive equilibrium within the 5G market. Loss of market share can limit the ability of reliable companies to invest in research and development and ultimately exclude them from the market. Losing reliable suppliers can potentially lead to a situation where untrusted entities are the only option.
Custom 5G technologies that do not meet interoperability standards may be more difficult to update and repair, potentially increasing the lifecycle cost of the product.
Custom 5G devices, which do not meet interoperability standards, can be more difficult to update and repair. Poorly developed code makes vulnerability management quite difficult and can lead to unsupported software. If a serious outage occurs, it is more difficult to recover data with systems, programs, and custom codes and this can increase the outage time.
Slowing or blocking interoperability between networks can significantly delay or increase the cost of deploying 5G. Currently a customer using Huawei equipment who wants to use a new vendor for 5G, It may first have to remove and replace all its equipment from the network.
Huawei Cyber Security Evaluation Center (HCSEC) Oversight Board Annual Report.
On March 28, 2019, the British National Cyber Security Center (NCSC) released an assessment on the security risks posed by Huawei. The report identifies “significant, worrying issues in Huawei’s approach to software development, which increases considerable risk for UK operators, And constant management and mitigation is required.” The report also states that the “ oversight board is only able to provide limited assurance that long-term safety risks can be managed in Huawei devices currently deployed in the UK.
Read Also:
- 6 National Opportunities To Mitigate 5g Risk
- 5G: Fifth Generation of Mobile Technologies
- Overview of 5G Technology and Its Applications
- Pros and Cons of 5G technology in Health
- Facts of 5G Technology
Leave a Reply