Dos, DDoS, Jamming, Eavesdropping and Traffic Analysis, summarizing potential attacks on 5G wireless networks and threats to 5G adoption, IoT, cloud environment.
The adoption of 5G services are inevitable. The innovative and disruptive capacity of the new technology is immense and only with its faster connectivity the complete realization of the IoTs, Virtual Reality, Augmented Reality, Smart Cities, Industrial Automation, Robotics, remotely managed critical services and unlocking other seemingly impossible opportunities can be achieved. So for the better or worse, the new technology is here to transform connectivity, communication, and business, and with a recent Gartner report indicating two-thirds of the organizations willing to implement 5G network it is crucial to measure the security imperatives and future impact of the 5G technologies before jump the gun. The battle has already begun with major players striving to win the major share of the 5G market.
The Korean giant Samsung has already begun the mass production of the 5G radio chipsets and modems. By the 2020 Qualcomm will introduce the chips with an integrated 5G modem supporting the low latency and low energy consuming technology. Multiple providers including AT&T, Telstra, KT, T Mobiles has introduced the 5G trials, including the latest Verizon 5G venture which have failed to garner positive reactions in its early rollout. Ericsson, Huawei, multiple players are claiming their 5G readiness and the supremacy over the technology competing fiercely and according to the Statistia the 5G connections will soar to 20 million to 100 million in 2021 after the 5G will be introduced in 2020. Some are expecting it to reach even 200 million with the 5G infrastructure market hitting the mark of 26 billion in 2022.
A brief picture of the potential attacks on the 5G wireless networks
But the concern over the 5G mobile network security challenges must be addressed well before the wide acceptance of the 5G by carefully assessing the risks associated with it. According to specialists with more endpoints, there are more opportunities to invade the network and technologies like small cell access points and relays in device-to-device communication opened the 5G wireless communication network to new vulnerabilities. A recent paper from IEEE has described the four major types of potential attacks on the 5G mobile networks that can be launched intending to simply interrupt the services or to cause some serious damages.
Network Eavesdropping and Traffic Analysis
Eavesdropping happens when the message is intercepted by an attacker by exploiting the weakened connection between the client and the servers. The attacker diverts the network traffic to itself listening to the network, sniffing for information. The passive attack is usually hard to detect as it does not affect the communication as such. In the case of Traffic Analysis, the attacker intercept the communication to obtain the information and analyze it in order to gain important information. Again the there is no alteration in the original communication and it is a hard to discover passive attack that the network can suffer.
Encrypting the signals is the only way to prevent the unauthorized user to intercept the communication and prevent these attacks but the success depends on the strength of the cipher algorithm and the computing power invested by the attacker. With the increasing computing capability and technological advancements like data analytics, the current security measures are clearly insufficient and with the addition of the 5G Het Net (Heterogeneous Networks) the security key management will become extremely difficult to handle. Multiple antennas, multiple access points, and users entering and leaving the small cells as described earlier will make it even harder to protect the network from the eavesdroppers and other attackers.
Jamming attacks are generally done by obstructing the wireless network with lots of unwanted traffic, preventing legitimate users from accessing the network and services. It is an active attack and identifiable too because of its evasive nature of disrupting the communications between the authorized users. To counter a jamming attack normally two types of spread spectrum techniques are employed, direct sequence spread spectrum (DSSS) and frequency hopping spread spectrum (FHSS). But the anti-jamming system involving these two may not be suitable for all application in the 5G network. Another study has suggested a pseudorandom time hopping anti-jamming scheme claiming to be more effective in resisting the jamming attacks compared to the FHSS.
DoS and DDoS Attacks
Generally, Denial of Service (DoS) attacks are precedent by the jamming attacks. Here the perpetrator totally consumes network resources making network and services completely unavailable to the authorized users, and it becomes a Distributed Denial of Service (DDoS) attack when multiple computational resources and internet connections are involved to flood the target with a large number of data packets and requests to the servers overwhelming the network entirely, rendering the services inaccessible to the legitimate users. Both active attacks can be employed in different layers and can cause severe losses and a dangerous threat to the 5G operators considering the extensive number of 5G devices involved. Depending on the target, whether it is the network infrastructure or the device and user it can affect the signaling plane, user plane, management plane, radio resources, logical and physical resources or harm the memory, disk, CPU, battery, actuators, and sensors.
Here in the man-in-the-middle attack (MITM) the attacker stealthily gains the access of the communication channel intercepting the messages between authorized users, even become capable of altering it. The perpetrator can also impersonate one of the parties in the transfer, spying and stealing valuable data. The malicious actor inserts itself into the conversation as a proxy taking control of the session and a lot like eavesdropping the attack can compromise the information security and data integrity severely, a multi-layer attack like DoS. A Verizon report has categorized it as one of the most common security attacks and also a recent study has uncovered a major vulnerability lurking in the Authentication and Key Agreement (AKA) protocol confirms the 5G network vulnerabilities opened to the MITM threat.
It is just a peripheral view of the threat surface and attack vectors of the 5G mobile network and can hardly describe the complexities and disastrous effect that any of these potential attacks or any new threat can create to the hyper-connected 5g ecosystem consists of interconnected devices in massive numbers, including watches, cars to power stations and smart cities or other ambitious projects involving IoT and cloud services. But it clearly demonstrates the need for future readiness to address 5G security issues and prepared for the new emerging threats that can incapacitate this wonderful technology that is expected to transform tech-driven innovation and represented as the bringer of the fourth industrial revolution.