5G slicing can be dicey, says security specialist
Hailed by vendors and operators alike as a key benefit of future 5G networks, one security specialist is now saying there is a problem with 5G network slicing that could make 5G mobile networks vulnerable to attack.
Network slicing is a feature of standalone 5G networks that is set to enable an array of new applications and use cases. It is designed to allow operators to create virtual slices that can support different network characteristics, allowing operators to cater to a range of customer needs.
However, mobile network security specialist AdaptiveMobile Security has just publicly disclosed details of what it describes as a “major security flaw” in the architecture of 5G network slicing and virtualized network functions.
“The fundamental vulnerability has the potential to allow data access and denial of service attacks between different network slices on a mobile operator’s 5G network, leaving enterprise customers exposed to malicious cyberattacks,” the company explained.
AdaptiveMobile has already shared its findings with the GSMA. If left unresolved, it warns that the issue “has the potential to cause significant security risks to enterprises using network slicing and undermine operators’ attempts to open up new 5G revenues.”
AdaptiveMobile said it is working in conjunction with the GSMA, operators and standards bodies to address the issue and update architectures to prevent exploitation. It also directs those interested in finding out more to the full white paper.
Don’t panic
The good news is that the probability of attack is currently deemed as low, owing to the limited number of mobile operators with multiple live network slices on their networks.
James Moran, head of security for the GSMA, went further still, saying it is “important to emphasize that 5G core network slicing is yet to be deployed anywhere and the attacks described in the research paper have not been demonstrated in any live environments.”
“The discovered vulnerabilities do not expose existing network deployments to the threats described in the paper,” Moran said.
To read the complete article, visit Light Reading.