5G networks vulnerable to cyber attacks, warning papers at DGP Meet

0
71

Warning about the vulnerabilities of the high-speed 5G telecom network, documents filed at a major security meeting noted that it could provide an excellent platform for intermediaries and agents to make connections for crimes such as drug trafficking, human and organ trafficking, money laundering money and terrorist financing. The papers, written by some Indian police officers, were submitted at the just concluded conference of Directors General of Police (DGPs) and Inspector General of Police (IGPs) attended by Prime Minister Narendra Modi.

It was noted in the papers that the 5G network is built on easily accessible and open internet protocols and that it inherits all the vulnerabilities from previous generations that make it vulnerable to cyber-attacks and compromise the security of the entire system.

The IPS officers who wrote the papers suggested that dedicated 5G bandwidth and highly secured equipment should be proactively developed for sensitive government-related communications and for military use and that only approved and verified companies with the least cyber risk or maximum security protocols should are allowed to work for government agencies.

“As cryptocurrencies and decentralized banking systems become increasingly popular using the real-time 5G networks, the links and financial trail will be difficult to trace.

See also  iPhone exports from India hit $1 billion in December: IT Secretary

“The 5G can provide an excellent platform for the intermediaries and agents to make links for crimes such as drug trafficking, human and organ trafficking, money laundering, terrorism financing, etc,” the papers said.

Aside from the prime minister, the three-day annual conference last weekend was attended by Union Home Secretary Amit Shah, National Security Adviser Ajit Doval and about 350 of the country’s top police officers.

The core of the 5G network is built on easily accessible and open internet protocols such as HTTP and Transport Layer Security (TLS). In a Network-Slicing environment, different sub-networks have different natures of cybersecurity.

Keys for encryption of the radio interface are delivered over unsecured routes. Vulnerabilities such as IDOR (Insecure Direct Object Reference) can arise.

“The Telco cloud is vulnerable to cyber-attacks, which can compromise the security of the network and data stored in the cloud,” the papers said.

Network function virtualization (NFV) allows criminals to use or perform attacks to access phone numbers (target lists) and even modify them for monitoring.

See also  Jio True 5G Services Now Launched In Uttarakhand, Users Get Welcome Offer

There are several improvements in 5G that support such remote control functions as drones, robotic surgery, etc., but criminals can also exploit this aspect.

Another problem with 5G is the operations of edge computing, where processing takes place on decentralized interconnecting nodes close to the user network.

This furthers the problem of collecting data for security settings as there is no central node through which data passes.

According to the papers, 5G can support millions of artificial intelligence (AI)-based Internet of Things (IoTs) and devices per square kilometer, resulting in a massive increase in the attack surface for cybercriminals.

Cybercrime such as mobile network mapping, distributed denial of service, battery drain, service degradation, mobile IMSI capture, malware injection, CnC creation, communication interception, DNS spoofing, uplink and downlink impersonations, etc may be easier to implement, the newspapers said.

“During the initial transition phase, future 5G networks will inherit all vulnerabilities from previous generations.” There is a chance that end-to-end encryption (E2ER) will be incorporated into the standard during the upcoming standardization process, posing a challenge for law enforcement agencies.

See also  Samsung Galaxy Store Gets Security Update: How To Download

The IPS officials wrote that the manufacturers of 5G equipment will try to sell the valuable data to the marketers for targeted advertising and that this should be monitored to ensure it does not fall into the wrong hands.

Holistic cybersecurity is the only solution for this new ecosystem created by 5G. From core devices to network layers, IoTs and mobile or user devices, everything should be viewed as a potential attack point.

Suggesting safety precautions, the IPS officials noted that consumer education about IoT security is necessary and that equipment should be purchased from reliable sources and not from suspicious sources such as China.

“The mobile operators must adopt a hybrid cloud-based approach where sensitive data is stored locally and less sensitive data is stored in the cloud. Network operators must be alert to the need for resilience of their infrastructure to cope with power outages, natural disasters, misconfiguration etc.’, according to the newspapers.


Affiliate links may be generated automatically – see our ethics statement for details.

.

LEAVE A REPLY

Please enter your comment!
Please enter your name here