TelcoNews Asia - Telecommunications news for ICT decision-makers
Story image
Cybersecurity priorities for mobile operators in 2023
Fri, 20th Jan 2023

Open architecture, non-standalone roaming, nation-state attacks, ransomware, and the need for more industry collaboration are among the major 5G security challenges that operators must address in the year ahead, according to new research from  SecurityGen.

“As 5G’s global footprint increases, the number of cyber threats targeting 5G increases as well,” said SecurityGen co-founder and CTO Dmitry Kurbatov. 

“In 2023, operators must be aware of the range of these threats and take necessary steps to properly defend their networks, protect their customers, and safeguard their operations and revenue.”

Kurbatov identifies the main factors shaping the risks and threats that operators must prepare for in the year ahead as follows:

1. 5G related challenges

5G is open for integration - but also open to attack
Unlike previous mobile network generations like 3G and LTE, 5G is designed from the ground up to be flexible and open for integration with multiple external systems. However, the same open architecture that enables this flexibility and easy integration can also make 5G vulnerable and exposed to threats and hidden vulnerabilities.

The challenge for operators is to maximise 5G’s advanced functionality and interoperability while also recognising this vulnerability and minimising the threats arising from 5G’s extra openness compared to previous network generations.

Beware roaming traffic from non-standalone 5G
As operators deploy more 5G networks and more users purchase 5G smartphones, the volume of roaming traffic between 5G networks increases. But the majority of this extra roaming traffic goes through non-standalone 5G networks which still use unsecure legacy technology for their core networks, including signalling protocols such as GTP and Diameter, which have proven to be hackable in recent years.

Without proper security measures in place, 5G is vulnerable to threats originating from non-5G networks carried in non-5G network traffic – but which are able to damage and disrupt 5G services.

2. Cyberattacks from hostile states and organised crime

Telecom networks are critical national infrastructure, which makes them high-value targets for cyberattacks, especially during times of conflict and heightened geopolitical tensions. The growing use of mobile - especially 5G - for connecting and remote monitoring of everything from energy grids and automated factories to smart cities and transport systems, amplifies the damage and disruption that an attack on an operator’s network could inflict. Mobile’s importance also makes it a target for organised crime groups to launch financially motivated attacks of their own aimed at operators or their subscribers.

3. Operators as high-value targets for ransomware

The number and frequency of cyber-attacks such as ransomware and phishing show no signs of slowing down. The threat of ransomware is already well known: however in 2023, expect the bad actors behind them to become more advanced and more selective in their attacks - including targeting mobile networks as the means to breach telecom operators and access the valuable customer data they hold.

4. New industry regulations on security but operators must do more themselves

National and pan-regional regulators are pushing the telecom industry to comply with new security requirements that address the heightened threat of cyberattack on digital infrastructure and telecom networks as part of it.

Mobile network security is still perceived as an after-thought. Rather than adopt a network-wide, security-by-design approach, many operators continue to rely on inefficient one-off security techniques which leave parts of their networks exposed to hackers.

5. Effective cybersecurity also depends on collaboration

Hinders knowledge sharing
When companies and experts share their knowledge and experience, everyone benefits.  But with international cooperation undermined by current geopolitical rivalries and tensions, divisions might open between operators and other telecom industry players, industry regulators and national governments that make it more difficult to cooperate on collective joint efforts for better cybersecurity.

Cyber-security skill shortages
Cyber-security continues to suffer an ongoing shortage of skilled workers, especially in areas that require specific expertise such as telecoms. Combined with the lack of knowledge sharing, the skills shortage makes it harder to encourage and develop new talent. The telecoms industry, led by operators, needs to step up and invest in training initiatives to attract new workers and provide them with the requisite skills needed to grow the cyber-security talent pool.

Against this range of threats, Dmitry identifies the following steps for operators to strengthen the security and resilience of their 5G networks:

Make the security of your 5G network as much of a commercial and operational priority as its performance in terms of speed, throughput, and coverage. The current economic conditions should not put operators off investing in proper security measures. Security is more efficient and cost-effective when it is built-in across the entire system, and not just a patch on the surface.  Adopt a defence-in-depth approach based on continual network-wide assessments and monitoring. 5G networks are a step-change in complexity that are more like IT systems than legacy mobile networks. Regular security checks, continuous analysis and other established cybersecurity methods fine-tuned for the telecom environment will provide the level of detail and in-depth scrutiny that’s needed to ensure a 5G network is secure against advanced attacks.

Effective 5G security requires more than just installed software solutions and automated monitoring and testing. Extensive and ongoing training is also essential, so that operator security teams can explore and stay up to date with the latest cyberthreats - and also identify new vulnerabilities as they emerge.

“Operator security teams must be mindful of the new, unique security challenges specific to 5G while at the same time not losing sight of the threats inherited by legacy technologies within 5G’s set up,” explains Kurbatov.

“Telecom security cannot be solved by a single-point solution, it requires a comprehensive strategic approach along with collaboration between ecosystem players. Operators and their industry partners should cooperate closely with governments and regulators to ensure cybersecurity receives the attention and investment to protect users and ensure that networks remain safe, secure and resilient."