AdaptiveMobile Security announced a new trio of interconnected 5G security platforms that allows carriers to protect against internal and external security threats to their 5G infrastructure. This is the first unified 5G network security solution, bringing together a combination of cybersecurity capabilities that operate in unison to secure 5G networks, slices, vertical APIs, and subscribers.
Increasingly sophisticated attacks are likely to target 5G networks. 5G network security is an order of magnitude more complex than any previous mobile technologies. The attack surface is bigger, telecom and internet protocols are converging, and the attacker tools are more widely available.
5G networks must therefore be secured at the interconnects with external networks and systems deployed to prevent nation state adversaries and criminal organizations using other perceived ‘trusted’ networks to execute missions against an operator’s 5G infrastructure. The networks need to be protected internally from rogue slices compromised by threat actors and new application APIs exposed by 5G networks must be secured to avoid creating new attack vectors.
AdaptiveMobile Security’s new 5G network security portfolio encompasses Enhanced Security Edge Protection Proxy (eSEPP) to secure both interconnected network and other network infrastructure in a mixed 4G/5G network deployment; Enhanced Service Communication Proxy (eSCP) to enforce security zones inside the core network; and the AdaptiveMobile Security Vertical API Protector, which secures the Northbound interface by verifying signalling and control communications in order to protect 5G network APIs from threat actors.
“As it currently stands, we do not appear to have learned the security lessons from 3G and 4G. Security in 5G networks is not built-in as promised and major vulnerabilities have been exposed even before the technology has been deployed,” said Brian Collins, CEO, AdaptiveMobile Security.
“5G network core technologies will be fundamentally insecure, and operators face having to protect their networks from both existing and emerging threats. Attackers already have access to the tools and techniques that are known to be effective, exploiting the IT protocols on which 5G architectures are built. Trust is not a security or a business strategy – governments, regulators, mobile operators, and network equipment vendors must all step up and secure the critical infrastructure of 5G networks. Nation-states and cyber-criminal adversaries will take advantage of any security gaps in mobile networks with catastrophic consequences for nations, networks, enterprises and subscribers.”
By identifying and correlating sources of external and internal attacks on 5G networks and subscribers, AdaptiveMobile Security enables governments, regulators, and mobile operators to understand the nature of emerging threats, pinpoint global threat actors attacking their network and prevent internal attacks on network slices. The 5G network security solution proactively manages defences against known sources of signalling attacks so mobile operators can understand, predict and defend against attacker’s methods, objectives, infrastructure, and evolution.
“5G is driving the mobile industry into adopting the technology and techniques of the IT world to increase efficiency and improve functionality,” said Dr. Silke Holtmanns, Head of 5G Security Research, AdaptiveMobile Security. “However, while laudable, there needs to be a wider mind-set change. When it comes to securing 5G, the telecoms industry needs to fully embrace a holistic and collaborative approach to secure networks across standards bodies, working groups, operators, and vendors. This new unified approach to 5G network security will be critical in protecting operators’ networks, enterprise customer and subscribers from new and emerging cybersecurity threats.”
AdaptiveMobile Security’s new comprehensive 5G network security solution is founded on its unrivalled expertise in mobile network security and team of dedicated 5G security experts. AdaptiveMobile Security is at the forefront of identifying and mitigating emerging 5G security threats. In April this year, its 5G research team revealed fundamental flaws in the standards for 5G slicing which, if unaddressed, risk exposing operators and their enterprise customers to malicious threats.
On 14 July 2021, AdaptiveMobile Security’s Head of Pre-Sales Engineering, John Kennedy, will share more information on the convergence of enterprise and telco security with 5G in a TrustTalks by AdaptiveMobile Security conversation with Patrick Donegan, Founder and Principal Analyst at HardenStance.
The discussion will focus on what can the telecoms sector learn from cyber security best practices such as the ones conducted by leading banks, transport, logistics and other businesses and explore how telecom security needs to evolve beyond just implementing new 3GPP 5G specs.