5G security in the crosshairs: SecurityGen’s priorities for mobile operators in 2023
- Operators must address a range of 5G security challenges in the coming year, including open architecture, non-standalone roaming, nation-state attacks, ransomware, and the need for increased industry collaboration.
The need for robust cybersecurity measures gets more pressing as the world becomes increasingly connected and reliant on mobile technology. With 5G networks now being deployed globally, the number of cyberthreats targeting these networks is also on the rise. In 2023, mobile operators must be aware of the range of these threats and take necessary steps to properly defend their networks, protect their customers, and safeguard their operations and revenue.
According to GSMA, the Asia Pacific region mobile operators are projected to invest US$ 227 billion in 5G deployments between 2022 and 2025. The implementation of 5G networks is expected to have a significant economic impact, with GSMA forecasting that by 2030, 5G will add US$ 960 billion to the global GDP.
“As 5G’s global footprint increases, the number of cyberthreats targeting 5G increases as well,” said SecurityGen co-founder and CTO Dmitry Kurbatov. “In 2023, operators must be aware of the range of these threats and take necessary steps to properly defend their networks, protect their customers, and safeguard their operations and revenue.”
SecurityGen has outlined its cybersecurity priorities for telecom operators in 2023, with CTO Dmitry Kurbatov highlighting the main factors shaping the risks and threats that operators need to be prepared for in the upcoming year, including:
5G related challenges
- 5G’s open architecture makes it vulnerable to attacks – 5G is designed to be flexible and open for integration with multiple external systems, but this openness makes risk factors higher.
- Roaming traffic from non-standalone 5G – as operators deploy more 5G networks and more users purchase 5G smartphones, the volume of roaming traffic between 5G networks increases. Most of this extra roaming traffic goes through non-standalone 5G networks which still use unsecured legacy technology for their core networks.
Cyberattacks from hostile states and organized crime
Telecom networks are critical national infrastructure, making them high-value targets for cyberattacks, especially during conflict and heightened geopolitical tensions. The growing use of mobile, especially 5G, for connecting and remote monitoring everything from energy grids and automated factories to smart cities and transport systems amplifies the damage and disruption that an attack on an operator’s network could inflict.
Operators as high-value targets for ransomware
The number and frequency of cyberattacks, such as ransomware and phishing, show no signs of slowing down. In 2023, bad actors will become more advanced and selective in their attacks, targeting mobile networks to breach telecom operators and access valuable customer data.
New industry regulations on security
Regulators are urging the telecom industry to comply with new security requirements to address the heightened threat of cyberattacks on digital infrastructure and telecom networks. However, operators must take more initiative to secure their networks.
Many operators continue to rely on inefficient, one-off security techniques rather than adopting a network-wide, security-by-design approach. This leaves parts of their networks exposed to hackers.
Collaboration is also crucial for effective cybersecurity
International cooperation is currently hindered by geopolitical rivalries and tensions, making it difficult for operators and other industry players, regulators and governments to work together towards better cybersecurity.
Additionally, there’s a shortage of skilled cybersecurity professionals, particularly in areas such as telecoms. This, combined with a lack of knowledge sharing, makes it harder to develop new talent.
How mobile operators can strengthen security
As the world becomes increasingly dependent on technology and the internet, the security and resilience of 5G networks are of paramount importance.
To strengthen the security and resilience of their 5G networks, operators should:
- Make security a priority, alongside performance in terms of speed, throughput and coverage. Investing in proper security measures is efficient and cost-effective when implemented across the entire system.
- Adopt a defense-in-depth approach, including regular security checks, continuous analysis and other established cybersecurity methods fine-tuned for the telecom environment.
- Provide extensive and ongoing training for security teams to stay up to date with the latest cyberthreats and identify new vulnerabilities as they emerge.
“Telecom security cannot be solved by a single-point solution, it requires a comprehensive strategic approach along with collaboration between ecosystem players. Operators and their industry partners should cooperate closely with governments and regulators to ensure cybersecurity receives the attention and investment to protect users and ensure that networks remain safe, secure and resilient,” he concluded.