#ISC2Congress: How 5G is Expanding the Attack Surface

Written by

Speaking at the virtual (ISC)2 Security Congress Kevin McNamee, director of threat intelligence at Nokia, explored the security implications surrounding the introduction of 5G mobile technology, outlining five key ways 5G is expanding the attack surface.

“5G is bringing a lot to the table in terms of new security features, but I also [want to] mention the downside – the attack surface,” he said.

The first way in which 5G is widening the attack surface is the huge growth of IoT devices, McNamee continued.

“IOT devices are [often] vulnerable, unprotected and unpatched, and with 5G, more are coming. If they are out there and they are vulnerable and visible to different parts of the network, they are going to be hacked and cause problems.”

The next 5G security issue that McNanee cited was what he coined “multi-access edge computing.”

With multi-access edge computing, “you’ve got millions of devices accessing data centers or spread over the city, and it can become quite a challenge in terms of management, monitoring and incident response.

“So whoever’s operating these multi-access edge clouds has to consider how they’re managed and monitor them to make sure they are functioning properly and not being abused,” McNamee added.

Then there is the abuse of 5G bandwidth via DDoS attacks, McNamee explained. “If you’re running a huge number of mobile devices, there’s the potential for attackers to expand their DDoS attack bandwidth.

“It raises the bar with regards to how we defend against DDoS attacks when there are so many devices out there.”

The fourth security issue that McNamee referred to is the potential visibility of the 5G IP address space.

“With 5G, if we switch to IPv6 default, there’s the potential to open up visibility. If a device is visible from the internet and the network, it makes the attack surface bigger. So visibility becomes a critical thing.”

The last way in which 5G is increasing the attack surface relates to the potential targeting of ‘slicing’ – a modern way of segregating/isolating user and application communities – in attacks. “Slicing does focus the attention on certain parts of the network,” and that can be exploited by cyber-attackers, McNamee concluded.

What’s hot on Infosecurity Magazine?