BLOG

Keeping Up the Pace in Safeguarding Your Networks from Cyberattacks

F5 Thumbnail
F5
Published April 02, 2021

The world is changing as remote everything is becoming the new norm, and being connected to everything everywhere is now a necessity. Also, as mobile networks are entering the enterprise edge, we will see an explosion of connected devices. This places a consistent strain on mobile networks—not only in terms of augmenting bandwidth but also as MNOs need to keep pace in terms of staying ahead of malicious attacks. Being connected to everything, everywhere requires a vast, complex, and distributed infrastructure that is out of sight and out of mind for the end users.

The race to be a 5G “first” started a few years back but now it’s not a matter of simply arriving at a particular finish line first but rather who will be the most steady and secure. Those operators will ultimately win the race—the race unfaltering Quality of Experience (QoE) for users and, most importantly, trust.

Attacks on mobile networks are constant, and as long as there is valuable data to exploit, there will be bad actors seeking to taking advantage of any vulnerability. A clear understanding of the threat landscape allows service providers to build targeted cybersecurity defenses. Digital transformation is not an easy lift in the service provider world. One extremely important question is: What is security’s role in the digital transformation journey? Answering this is critical in safeguarding your customers and networks from cyberattacks.

Understanding the Threat Landscape

Mobile networks are becoming increasingly more complex, with multiple generations of networks coexisting alongside security risks that have been inherited from previous implementations. All this is combined with an increased attack surface, the exponential growth of connected devices, and the fact that 5G makes heavy use of HTTP/2 and REST API protocols (which are well known and widely used on the Internet). This makes tools for finding and exploiting vulnerabilities readily available to any bad actor.

The service provider threat landscape is multi-faceted and includes the following categories: Device, IoT, 5G Network, Edge, Signalling, Cloud, API and GI-LAN/N6 threats.

Figure 1: Service provider threat landscape

Service providers not only need to prevent attacks on their networks but also thwart device threats from their own front office, which include SIM breaches, third-party application abuse, and mobile phone theft, to name a few. These are critical threats that cost service providers millions of dollars every year and stem from inherent vulnerabilities. Protecting customer data is critical in maintaining trust.

Figure 2: Inherent vulnerabilities include many everyday tasks that unknowingly put users at risk

Building End-to-End Security

When building out your 5G network, security must be incorporated as part of the planning phase to avoid damaging and costly security missteps. In Heavy Reading’s 5G Security report, it was found that 67% of service providers have already implemented or are planning to implement security measures in their network by the end of 2021.

New business models and new architectures that are introduced with 5G in each vertical lead to new security challenges that were not previously identified or relevant. Accordingly, an end-to-end security strategy should be in place for a multi-tenant, multi-vendor environment enabling differentiated services. This especially rings true for industries like healthcare where personal data and privacy are paramount, and for applications where strict governance rules and mandates apply.

With 5G’s multi-cloud and distributed solutions also comes the valuable ability to implement multi-vendor network functions across the entire network—enabling a horizontal stack approach for a consistent cloud-native infrastructure architecture spanning the entire network from the core to the far-edge. To be effective, this type of architecture requires end-to-end network security for consistency and reliability across multiple domains and across multiple vendors.

The cloud-native infrastructure associated with 5G deployments is also critical in enabling network slicing where the network can be segregated into logical sub-networks, with each slice being completely isolated from one another. Network slicing can effectively provide enterprise customers with a dedicated network that can be tailored to the unique security and performance requirements and characteristics of the particular application. This increases the need to provide security measures not only across every network slice in a manner that scales and adheres to the per slice requirements but also maintains the integrity of the entire 5G network.

Conclusion

Innovation is bringing us ever closer to capabilities that were science fiction just a decade ago, with collaboration between industries and academia driving the advancement of technologies such as smart cities and IoT-driven sustainable architecture.

As 5G standalone networks continue to be deployed, maintaining customer trust in an ever-increasing threat landscape has never been more critical. The digital era is here, and we are all just one mobile theft away from having our entire virtual identity compromised. This is the same for networks. As they are becoming more and more complex, securing them is ever more challenging but has also never been more vital. With the best defense being a good offense, arm yourself in the prevention of sophisticated attacks.

Learn more on how to protect your service provider networks and, more importantly, your customers from cyberattacks here.