5G networks promise high speeds, lower latency, and more robust security compared to its predecessors – and this has created a lot of buzz. As a result, there is a lot of competition among operators to roll out the network while manufacturers are already producing 5G devices.

The deployment of 5G around the world has also been facilitated by a need for always-connected computers, widespread internet of things (IoT), and dependence on smartphones. All of this is constraining the 4G LTE technology.

With the current uptake in remote working due to COVID-19, 5G is expected to see more deployment.

However, despite the promised benefits, there are varying concerns about the potential vulnerabilities of this network. Since there are various security concerns, this article will highlight those involving the standalone 5G networks.

What is 5G Standalone Network?

5G stands for the fifth generation of networks that are designed to address gaps and errors existing in the architecture of previous generation networks. However, its implementation is through a gradual phasing out of the existing networks.

Note that the 5G network involves two streams, which include the standalone (SA) and non-standalone (NSA). The NSA relies on the existing 4G infrastructure because 5G standards are not fully finalized.

On the other hand, the standalone is a completely new, end-to-end 5G network. To offer ultra-low latency and high capacities, service providers will have to fully implement the standalone 5G infrastructure.

Despite the radical and beneficial transformation promised by 5G networks, there are concerns that it might become a multidimensional cyberattack vulnerability.

Vulnerabilities for Subscribers and Mobile Network Operators

Unlike previous networks, 5G is a software-defined network and involves network function virtualization, which makes it more vulnerable.

The previous networks implement hardware choke points because they are centralized and hardware-based; whereas 5G digital routing lacks inspection and control chokepoints.

This new architecture has seen various research carried out to check its viability. As a result, industry professionals and government officials have already raised concern over the network’s security and overall architecture.

An investigation by global cybersecurity firm Positive Technologies focused on 5G standalone core in terms of its architecture security, the interaction of network elements, as well as subscriber authentication and registration procedures.

The examination revealed that “the stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator’s network. Such attacks can be performed from the international roaming network, the operator’s network, or partner networks that provide access to services.”

The vulnerabilities were discovered in two protocols that are, PFCP and HTTP/2, which are used in 5G standalone networks.

Exploitation in Packet Forwarding Control Protocol (PFCP) would result in denial of service. This is because the PFCP is used to manage subscriber connections. A PFCP session includes three procedures: session establishment, modification, and deletion. It’s at this point that denial of service can be carried out by attackers through a session deletion request, a session modification request, or redirection of data through a session modification request.

For the HTTP/2, the Positive Technologies research found that an attacker could obtain the network functions profile and impersonate any network service. This is because the HTTP/2 protocol is responsible for vital network functions that register and store profiles on 5G networks. The attacker then would have access to authentication status, current location, and subscriber settings for network access. It’s also possible that an attacker would be able to delete NF profiles, which could result in a financial loss as well as damage subscriber trust.

If not handled correctly, the 5G standalone network security issues will place critical infrastructures such as hospitals, transport, and utilities at risk.

Solution and Conclusion

According to the report, the vulnerabilities would appear due to misconfigurations. With vendors competing to launch 5G networks, attackers will take advantage of poor configurations.

Therefore, it calls for proper configuration of the architecture to stop these types of attacks. Unfortunately, errors still might occur. To detect configuration errors in the networks, regular security audits should be performed.

It’s also vital that apart from ensuring proper equipment configuration, security monitoring, and enhancing the implementation of firewalls are also top priorities.

In conclusion, 5G’s high speeds, low latency, and high bandwidth will be highly beneficial. However, potential security holes could cost more than the cost of implementing this technology. As a business owner considering the 5G network, do not let your guard down just because the new network promises to address gaps and errors in previous generation networks.

---

"; return; } var url = block.dataset.restUrl + "?post_id=" + encodeURIComponent(block.dataset.postId) + "&keyword=" + encodeURIComponent(keyword); output.innerHTML = ""; submit.disabled = true; output.setAttribute("aria-busy", "true"); fetch(url, { headers: { "X-WP-Nonce": block.dataset.nonce } }) .then(function(r){ return r.json().then(function(data){ return { status: r.status, data: data }; }); }) .then(function(resp){ if (resp.status === 200 && resp.data && resp.data.success) { dpSimilarRender(output, keyword, resp.data); } else if (resp.status === 403) { output.innerHTML = ""; } else if (resp.status === 429) { output.innerHTML = "" + dpSimilarCta(output, -1); } else { output.innerHTML = "" + dpSimilarCta(output, -1); } }) .catch(function(){ output.innerHTML = "" + dpSimilarCta(output, -1); }) .then(function(){ submit.disabled = false; output.removeAttribute("aria-busy"); }); } function dpAskGrokSend(block) { var input = block.querySelector(".dp-ask-grok-input"); var result = block.querySelector(".dp-ask-grok-result"); var send = block.querySelector(".dp-ask-grok-send"); var form = block.querySelector(".dp-ask-grok-form"); var button = block.querySelector(".dp-ask-grok-button"); var intro = block.querySelector(".dp-ask-grok-intro"); var question = (input.value || "").trim(); if (question.length Please ask a question of at least 10 characters."; return; } if (question.length > 500) { result.innerHTML = ""; return; } result.innerHTML = ""; send.disabled = true; result.setAttribute("aria-busy", "true"); fetch(block.dataset.restUrlAskGrok, { method: "POST", headers: { "Content-Type": "application/json", "X-WP-Nonce": block.dataset.nonce }, body: JSON.stringify({ post_id: parseInt(block.dataset.postId, 10), question: question }) }) .then(function(r){ return r.json().then(function(data){ return { status: r.status, data: data }; }); }) .then(function(resp){ if (resp.status === 429) { if (form) form.style.display = "none"; if (intro) intro.style.display = ""; if (button) { button.style.display = ""; button.disabled = true; button.setAttribute("title", "Daily limit reached. Try again tomorrow."); button.textContent = "Daily limit reached"; } var rateMsg = (resp.data && resp.data.message) ? resp.data.message : "You\u2019ve reached today\u2019s question limit. Please try again tomorrow."; result.innerHTML = ""; return; } if (resp.status === 403) { result.innerHTML = ""; return; } if (resp.status === 200 && resp.data && resp.data.success) { var safeAnswer = dpSimilarEscape(resp.data.answer || ""); var safeDisclaimer = dpSimilarEscape(resp.data.disclaimer || ""); var answerHtml = ""; result.innerHTML = answerHtml; if (form) form.style.display = "none"; if (intro) intro.style.display = ""; if (button) { button.style.display = ""; button.disabled = true; button.setAttribute("title", "Daily limit reached. Try again tomorrow."); button.textContent = "Daily limit reached"; } return; } if (resp.status === 200 && resp.data && !resp.data.success) { var msg = dpSimilarEscape(resp.data.message || "Could not process your question right now."); result.innerHTML = ""; return; } result.innerHTML = ""; }) .catch(function(){ result.innerHTML = ""; }) .then(function(){ if (send) send.disabled = false; result.removeAttribute("aria-busy"); }); } function dpSimilarRender(output, keyword, data) { var html = ""; if (data.count === 0) { html += ""; } else { html += "

Articles matching “" + dpSimilarEscape(keyword) + "”

"; html += "

"; data.results.forEach(function(r){ html += "
• "; html += "" + r.title + ""; html += "" + r.date + ""; html += "
"; }); html += "

"; } html += dpSimilarCta(output, data.count); output.innerHTML = html; } function dpSimilarCta(output, count) { var block = output.closest(".dp-similar-block"); var contactUrl = block ? block.dataset.contactUrl : ""; if (!contactUrl) { return ""; } var ctaText; if (count === -1) { ctaText = "While you wait, here are some other ways to get help:"; } else if (count === 0) { ctaText = "Couldn\u2019t find what you needed? Speak with a professional for personalized help."; } else { ctaText = "Need more help with this topic? Speak with a professional."; } var html = ""; return html; } function dpSimilarEscape(s) { var div = document.createElement("div"); div.textContent = s; return div.innerHTML; }})();