Standalone 5G Networks: Potential Vulnerabilities that Could Result in Denial of Service for Customers

5G networks promise high speeds, lower latency, and more robust security compared to its predecessors – and this has created a lot of buzz. As a result, there is a lot of competition among operators to roll out the network while manufacturers are already producing 5G devices.

The deployment of 5G around the world has also been facilitated by a need for always-connected computers, widespread internet of things (IoT), and dependence on smartphones. All of this is constraining the 4G LTE technology.

With the current uptake in remote working due to COVID-19, 5G is expected to see more deployment.

However, despite the promised benefits, there are varying concerns about the potential vulnerabilities of this network. Since there are various security concerns, this article will highlight those involving the standalone 5G networks.

What is 5G Standalone Network?

5G stands for the fifth generation of networks that are designed to address gaps and errors existing in the architecture of previous generation networks. However, its implementation is through a gradual phasing out of the existing networks.

Note that the 5G network involves two streams, which include the standalone (SA) and non-standalone (NSA). The NSA relies on the existing 4G infrastructure because 5G standards are not fully finalized.

On the other hand, the standalone is a completely new, end-to-end 5G network. To offer ultra-low latency and high capacities, service providers will have to fully implement the standalone 5G infrastructure.

Despite the radical and beneficial transformation promised by 5G networks, there are concerns that it might become a multidimensional cyberattack vulnerability.

Vulnerabilities for Subscribers and Mobile Network Operators

Unlike previous networks, 5G is a software-defined network and involves network function virtualization, which makes it more vulnerable.

The previous networks implement hardware choke points because they are centralized and hardware-based; whereas 5G digital routing lacks inspection and control chokepoints.

This new architecture has seen various research carried out to check its viability. As a result, industry professionals and government officials have already raised concern over the network’s security and overall architecture.

An investigation by global cybersecurity firm Positive Technologies focused on 5G standalone core in terms of its architecture security, the interaction of network elements, as well as subscriber authentication and registration procedures.

The examination revealed that “the stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator’s network. Such attacks can be performed from the international roaming network, the operator’s network, or partner networks that provide access to services.”

The vulnerabilities were discovered in two protocols that are, PFCP and HTTP/2, which are used in 5G standalone networks.

Exploitation in Packet Forwarding Control Protocol (PFCP) would result in denial of service. This is because the PFCP is used to manage subscriber connections. A PFCP session includes three procedures: session establishment, modification, and deletion. It’s at this point that denial of service can be carried out by attackers through a session deletion request, a session modification request, or redirection of data through a session modification request.

For the HTTP/2, the Positive Technologies research found that an attacker could obtain the network functions profile and impersonate any network service. This is because the HTTP/2 protocol is responsible for vital network functions that register and store profiles on 5G networks. The attacker then would have access to authentication status, current location, and subscriber settings for network access. It’s also possible that an attacker would be able to delete NF profiles, which could result in a financial loss as well as damage subscriber trust.

If not handled correctly, the 5G standalone network security issues will place critical infrastructures such as hospitals, transport, and utilities at risk.

Solution and Conclusion

According to the report, the vulnerabilities would appear due to misconfigurations. With vendors competing to launch 5G networks, attackers will take advantage of poor configurations.

Therefore, it calls for proper configuration of the architecture to stop these types of attacks. Unfortunately, errors still might occur. To detect configuration errors in the networks, regular security audits should be performed.

It’s also vital that apart from ensuring proper equipment configuration, security monitoring, and enhancing the implementation of firewalls are also top priorities.

In conclusion, 5G’s high speeds, low latency, and high bandwidth will be highly beneficial. However, potential security holes could cost more than the cost of implementing this technology. As a business owner considering the 5G network, do not let your guard down just because the new network promises to address gaps and errors in previous generation networks.

Will StarLink be the Next Disruption to the Telecommunication Industry?

With every new project comes expectations, uncertainties, questions, opposition, and more. Elon Musk’s StarLink internet is one such project.

Just last month, on Nov. 24, SpaceX launched 60 StarLink internet satellites – making a total of more than 900 of its flat-panel satellites already on low earth orbit (LEO). This also marked the company’s 23rd space launch since the start of 2020.

But just what is StarLink; why is it a big deal; and will it replace existing internet infrastructure?

Follow along for information already in the public domain that will help answer some of these questions.

What is StarLink?

StarLink is an initiative by SpaceX that aims to provide internet from space. Its goal is to do this through a low earth constellation of micro-satellites that promise high speed and low latency internet access to all parts of the world. What this means is that you can access fast internet from any corner of the world, whether in the forest, in the middle of the ocean, or anywhere else.

How Does StarLink Internet Work?

First, a little history. Product development started in 2015, and by February 2018, two prototype test flights were launched. In May 2019, the first large deployment made up of 60 operational satellites was launched. Since then, it has been a continuous process to send more satellites into space. SpaceX intends to have launched 12,000 satellites by 2028, with an ambitious target of 1,440 per year.

So how does StarLink internet work? Unlike other satellites that are placed in higher earth orbits, StarLink satellites are placed in low earth orbits. The high-placed satellites have to travel long distances, which leads to high latency – and this is what SpaceX intends to solve.

Will StarLink Replace ISPs?

Currently, service providers like Verizon and AT&T are already spending millions to reinforce their fiber infrastructure reach to cover more ground. In addition, 5G is already available in many areas and promises superior reliability, negligible latency, and high speeds. Yet more StarLink satellites are being sent to space.

In fact, if the project is successful, there will be a constellation of satellites surrounding the earth as Musk plans to have an additional 30,000 added to the initial approved 12,000 (although this doesn’t go well with astronomers, who have raised concerns that this will ruin the night sky).

So, will StarLink replace other ISPs? There is no telling the long-term plan that SpaceX has, but one thing that Musk has given an assurance on is that he intends to serve only remote areas and mobile applications, such as in planes, trains, and ships.

If we were to compare StarLink and 5G, you would find that they do have different characteristics. However, it would cost a lot more for 5G to cover large areas, while StarLink would be able to cover most of the world if all satellites are placed correctly. Nevertheless, the two may work together. For example, in situations where there is no internet connection, StarLink could provide internet backhaul to 5G remote towers.

If you are in a densely populated city, you will still need your ISP. According to Musk, StarLink can’t work in cities with dense populations due to bandwidth limitations.

When Will StarLink be Available to the Public?

On Oct. 26, 2020, a public beta test was launched in select areas in the northern United States and Canada. StarLink internet is expected to be available in more regions in 2021.

One of the few instances of when StarLink has publicly been reported on is by Washington emergency responders in early August when the organization offered the internet to areas devastated by wildfires. Following an interview with CNBC, emergency telecommunications leader Richard Hall praised StarLink as being quick to set up and reliable.

As we wait for the internet to go public, one sure thing is that there are a lot of interested people. In March 2020, SpaceX got a license for up to one million user terminals from the Federal Communications Commission (FCC). By August, there were already more than 700,000 people registering interest across the United States, and so the company asked for expansion for up to 5 million user terminals.

Final Thoughts

As already pointed out, the StarLink internet might not initially disrupt the monopoly of the telecom sector. Instead, it could be a beneficial project and even complement the telcos.

Keeping in mind that the internet has played a great role in improving economic opportunities and easing communication, StarLink could be the bridge to help solve the digital divide by providing internet to remote areas.