5G cybersecurity is becoming a hot topic among MSP owners and engineers. Recently, I’ve spoken to many MSP owners who have had questions. As 5G gradually rolls out in markets across the USA and Canada, its arrival will usher in many changes and features.
This article is part one of a two-part Smarter MSP series and today’s post will focus on the recent National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) report, published on the CISA website, which looks at securing the integrity of 5G cloud infrastructure.
In the report, CISA advises:
“As 5G networks and devices continue to increase in popularity, the importance of platform security to harden your systems against malicious cyber activity and persistence is apparent.”
Smarter MSP will unpack this and some of the report’s other finer points, and next week we’ll have experts weigh in with their insights.
Security must be implemented from the ground up
One of the biggest hurdles, according to MSP owners, comes down to something that has become one of the industry’s most significant trouble spots: “lack of staffing.”
“Cybersecurity specialists need training on 5G best practices, but there just aren’t enough techs to be trained,” contends Robert Hasler, an independent cybersecurity specialist in Pittsburgh.
Because of #5G’s speed, there is no time for mitigation after the fact; #security measures must be implemented from the ground level up. @SmarterMSP
“A secure 5G core requires cybersecurity mitigation that is implemented at the foundation level and carried forward,” states Jorge Laurel, NSA Project Director for ESF. “A secure underlying foundation ensures the services deployed on the network are done so on a secure infrastructure, which further strengthens the security of data across the network.”
IoT and multi-cloud deployments powered by 5G are a ‘lucrative target’
5G will power the explosion of IoT devices and billions of sensors that will power them. Those sensors will become attack vectors, and MSPs and cybersecurity specialists will need to monitor them. Throughout the network, core, and edge, the 5G is leveraging cloud infrastructure, which carries its own set of challenges. Among them per the CISA report:
“A characteristic of cloud infrastructure that presents a significant security challenge in 5G is multitenancy, using a shared physical infrastructure by multiple cloud infrastructure customers, e.g., mobile network operators. A way to mitigate this security issue is to harden and securely configure technologies that isolate the workloads (e.g., virtualization/ containerization) for those customers.”
Another factor creating security challenges is the increasing deployment of a multi-cloud deployment model in 5G with diverse and evolving architectures and design approaches used by a wireless carrier.
5G networks, the CISA warns, which are cloud-native, will be a lucrative and tempting target for cyber threat actors who wish to deny or degrade network resources or otherwise compromise information.
Several MSP owners, I spoke to agree with the CISA’s assessment that 5G cloud infrastructures need to detect and respond to threats to counter the compromise threat. All 5G networks should follow best practices.
CISA outlines best practices for 5G security
The CISA Working Group has divided 5G security into four general areas:
I: Prevent and Detect Lateral Movement: Detect malicious cyber actor activity in 5G clouds and prevent actors from leveraging the compromise of a single cloud resource to compromise the entire network.
II: Securely Isolate Network Resources: Ensure that there is secure isolation among customer resources with emphasis on securing the container stack that supports the running of virtual network functions.
III: Protect Data in Transit, In-Use, and at Rest: Ensure that network and customer data is secured during all phases of the data lifecycle (at-rest, in transit, while being processed, upon destruction). • Part IV: Ensure Integrity of Infrastructure: Ensure that 5G cloud resources (e.g., container images, templates, configuration) are not modified without authorization.
IV: Ensure Integrity of Infrastructure: Ensure that 5G cloud resources (e.g., container images, templates, configuration) are not modified without authorization.
Zero Trust will be a big part of 5G security going forward in helping to secure the networks.
“The promise of 5G is that is going to offer – and is offering – enterprises a speed and efficiency unseen before. It’s going to explode the growth of IoT devices and offer MSPs opportunities in all directions. The problem is that 5G’s arrival also offers hackers plentiful opportunities, MSPs that can strike a balance between the peril and promise of 5G will be ahead of the game,” Hasler concludes.
Photo: Blue Planet Studio / Shutterstock