FEATURE
How secure is 5G network slicing?
Joseph Waring, Asia Editor, Mobile World Live
Network slicing is all the rage judging by headlines in the trade press, with GSMA Intelligence estimating the market for 5G virtual slices for enterprises will be worth $300 billion by 2025.
A global survey of enterprises across a range of vertical sectors by the research outlet found 87 per cent of enterprises see 5G network slicing as either very important or somewhat important to achieving success in their IoT deployments.
Mobile operators can use the technology to split their mobile infrastructure into independent slices to offer specific virtual networks for different clients and use case.
Benefits include enhanced service flexibility and the ability to deliver services faster, but industry experts say slicing adds complexity to the network and poor management can allow unauthorised parties to access data in different network slices or deny access to users.
The question is how can companies ensure the confidentiality, integrity and availability of a network slice supplied by a mobile operator in a hosted environment?
Tolaga Research chief research officer Phil Marshall told Mobile World Live (MWL) network slicing is a great idea, but companies must have the network infrastructure maturity throughout their systems to deploy it.
“If a network isn’t virtualised, the only other way of doing slicing is by allocating dedicated resources, which means over provisioning and spending more.”
More porous
Marshall explained that as enterprise devices go wireless and mobile, network perimeters become porous, making them harder to protect with conventional approaches, noting “attack surfaces can increase tremendously”.
Nokia head of network slicing Mika Uusitalo agreed, noting with data generated across distributed networks, there is more to protect, which leads to increase risk, more attacks and additional work for security teams already overwhelmed and overworked.
Enterprise security staff have to manage data from a growing number of sources, covering mobile workers and devices, home offices, SD-WAN connected branch offices, multiple cloud and software-as-a-service applications, as well as operational technology systems and distributed IoT devices, he stated in an email.
For private slices, Uusitalo suggested the most effective approach is to build a common security framework using an integrated security platform which can connect security tools from many different vendors.
SecurityGen, a provider of security services for the telecoms industry, highlighted in a statement earlier in the year mobile operators planning to use their 5G networks to offer slicing to business customers need to be prepared to take on extra responsibility around cybersecurity.
Risk assessment
Dmitry Kurbatov, co-founder and CTO at SecurityGen, stated enterprises opting for a virtual 5G network slice should work with their operator to properly assess the level of risk for their particular use case and address the potential cybersecurity issues.
“Successful network slicing relies on honesty and transparency between operators and businesses on what is the safest, most secure choice that fulfils their connectivity needs.”
Businesses should imagine their operator’s 5G network as a co-working space that they share with multiple tenants, he explained. “Movable partition walls and doors provide privacy and security. These can be placed in different positions depending on who is renting space and how much space each tenant needs.”
A breach isolation from one slice to another via a shared network resource is the most likely cyberattack vector via a 5G network slice, Kurbatov stated.
GSMA technical security director Alex Leadbeater pointed out to MWL different types of enterprises have different levels of risk.
For example, risks are higher for large tech companies with in-house teams moving to a shared operator environment, while for most enterprises and SMEs with little of those resources, they generally move to a more secure network, although they may lose some control.
Under specific security conditions, Leadbeater argued a 5G slice is likely to be more secure than an enterprise self-managed legacy infrastructure. That assumes proper hardware-based attestation and isolation are used to keep different slices away from each other; remote access to the slice is tightly controlled; and the enterprise understands what the slice provides from a security perspective.
Slice management
In December 2022, the US National Security Agency and Cybersecurity and Infrastructure Security Agency released guidelines on security risks and mitigation strategies for 5G network slicing, which they define as an end-to-end logical network providing specific network capabilities and characteristics for a client.
An assessment developed by the two agencies on behalf of public-private working group Enduring Security Framework noted network slicing can be difficult to manage. “While there are standards defining specifications for how network operators build their 5G network, there are not clear specifications for how they should develop and implement security for network slicing.”
The guidance identified denial-of-service, man-in-the-middle and configuration attacks as high-risk threat vectors for network slicing.
Network function virtualisation (NFV) was also highlighted as another aspect of slicing which increases potential risks, including the use of microservices which makes integration and testing more difficult. NFV is fundamental to network slicing, as it eliminates the need for purpose-build hardware, which enables operators to move network functions to cloud-based servers.
The report concluded: “In addition to proper network slice management, continual monitoring is crucial in detecting malicious activity.”
The assessment recommended using advanced mitigation activities such as zero-trust architecture, multi-layer security, advanced encryption and physical isolation.
Marshall insisted the security options are not straightforward, noting ecosystem complexities leads to zero-trust strategies. In addition, companies need an understanding of best practices, particularly in the context of network slicing and network virtualisation.
“Security has to be at the forefront right from the outset of scoping and design,” he added.