The Report has released the Mobile Telecommunications Security Landscape Report with an overview of significant security issues. 2020 saw a number of changes in the security landscape, while traditional threat actors and areas continue to be present and pressure on networks remains.
Table of Contents
There are many industry initiatives that drive more open architectures and virtualized telecommunications infrastructures, such as TIP, O-RAN Alliance, Linux Networking Foundation, and the Open Networking Forum. The telecommunications industry uses open-source community software in a number of architectural deployments.
The software implements the functionality of the unit. The code may be proprietary and contain open source components and may contain commercially supported open-source virtualization software to enable the interface between the code and the supporting open hardware or cloud infrastructure. Different architectural decisions result in variations in the levels of abstraction and separation between workloads within virtualization fabrics.
Security must be considered when selecting the network and virtualization software layers. Therefore, strong code support is essential to ensure that malware and compromised code are fixed before attackers can exploit them.
Several attack vectors are presented, each requiring strong security controls and processes to minimize the threat of an attack:
The supply chain can be broken down into a number of distinct but related areas: the components of a network that come together to provide a resilient operational service, where those components are sourced, and the parties involved in making products and services that contribute to the preservation and maintenance of a network.
The GSMA recommends the following in relation to supply chain security:
In the era of 5G, in which Mobile Edge Computing (MEC), big data, and IoT devices become synonymous with mobile network operations, the volumes of data created, stored, and processed to meet the demands of the business increase, and as such, so does the need for a free flow of data.
The personal data of customers of mobile phone operators remains a prized target for would-be attackers. Customer data can be exploited to target individuals directly through phishing, malware, or other attacks or indirectly through the sale of data to third parties.
Cloud infrastructure is increasingly being deployed on mobile networks to take advantage of a lower infrastructure cost base, benefit from economies of scale, and increase flexibility. Technical solutions range from a private cloud, public cloud, and even hybrid cloud.
The number of devices connected to mobile networks exceeds the world population and the number of unique subscribers is 65% of the world population. With the rapid adoption of IoT devices, connections are expected to exceed 25 billion by 2025.
Devices are becoming more powerful and feature-rich, and will increasingly depend on network features and functions in the 5G era. There are more than 5 billion unique subscribers to the mobile network and the use of mobile devices represents a large volume of Internet traffic. Consumers hope to be able to run their lives from their devices, but growing awareness of inappropriate privacy controls and unauthorized use of data is lowering consumer confidence.
With the arrival of 5G, important advances have been made in terms of interconnection security, for which new controls have been defined between networks, such as the Security Edge Protection Proxy (SEPP). SEPP is a new network function that protects the edge of the home network, acting as a security gateway in the interconnections between the home network and visited networks.
The SEPP is designed to:
5G represents an opportunity for the mobile telephony industry to improve the security of networks and services, both due to its inherent design in network functions and due to its deployment strategies. New authentication capabilities, greater protection of subscriber identity, and additional security mechanisms will lead to significant security improvements over previous generations.
Much attention has been paid to identifying the main threats in 5G networks. There are a number of functions identified as critically sensitive. These include: virtualization infrastructure, controllers, orchestrators, Internet gateways, network outage, mobile edge computing, routing and switching of IP traffic at the core, database functions, authentication, access control and other security features
The shortage of specialized personnel in mobile network security has made it difficult for network operators to create and maintain their own knowledge. The breadth of knowledge that will be needed in 5G-era networks is likely to be much broader (including Intelligence Artificial, big data, IT, Cloud) and will also require the fundamentals of security skills in the traditional core of telecommunications.
To limit the impact of skills shortages, the industry should:
Only some approaches offer B2B and B2C companies more opportunities than digital lead generation. Customers…
When deciding on a business phone system, consider the features necessary to your company’s call…
Freight brokers help businesses get the products they need to run their businesses. They are…
Natural face moisturizers are gaining immense popularity among skincare enthusiasts. Unlike their synthetic counterparts, these…
The practice of gathering information from different aspects of a retail chain, such as planning,…
In the dynamic sphere of education and professional certifications, the need for reliable and secure…