Category Archives: 5G

Huawei to get only partial access to UK’s 5G networks

Huawei and other “high risk” telecom providers will be excluded from the core of the U.K.’s 5G and gigabit-capable networks, Prime Minister Boris Johnson’s government has decided.

It’s a move that could influence Canada’s decision on whether to allow carriers here to buy 5G equipment from Huawei. However, that decision is complicated by the tense relations with China over the detention of two Canadians after Huawei’s chief financial officer was arrested on an extradition request by the United States.

Bell and Telus, which use Huawei equipment in their 4G access networks, are waiting for a decision from Ottawa.

A number of national security experts have warned Ottawa that allowing Canadian carriers to buy 5G equipment from Chinese manufacturers would be a security risk in part because of Chinese law that mandates companies there work with its intelligence agencies. Against that Huawei says the Canadian division isn’t subject to Chinese law. At the same time IT security experts say any threat by Chinese telecom gear can be mitigated because governments already have to think about possible hacks of equipment from any manufacturer.

The U.S. and Australia have banned their carriers from buying 5G equipment from Chinese manufacturers.

Related:

Huawei moves U.S. research centre to Canada

We welcome scrutiny, says Huawei Canada’s new VP of government affairs

In a decision released this morning, the government defied warnings from the United States that allowing U.K. carriers to buy any 5G equipment from Chinese manufacturers will be a security risk and a decision that could imperil its position in the Five Eyes intelligence-sharing co-operative.

In its statement — which doesn’t specifically mention Huawei — the U.K. government set out restrictions carriers must obey when purchasing equipment from what are deemed high-risk vendors. High-risk vendors are defined as those which pose greater security and resilience risks to U.K. telecoms networks.

High-risk vendors are excluded from sensitive ‘core’ parts of 5G and gigabit-capable networks, including safety-related and safety-critical networks in Critical National Infrastructure. They are also cut out of “sensitive geographic locations, such as nuclear sites and military bases.”

There is also now a 35 per cent cap on high-risk vendor access to the access parts of those networks, meaning pieces like cellular antennas. Legislation enforcing the decision will be introduced soon.

Meanwhile, the U.K. National Cyber Security Centre has issued guidance to carriers to implement the decision.

Huawei UK chief Victor Zhang issued a statement saying “Huawei is reassured by the UK government’s confirmation that we can continue working with our customers to keep the 5G rollout on track. This evidence-based decision will result in a more advanced, more secure and more cost-effective telecoms infrastructure that is fit for the future. It gives the UK access to world-leading technology and ensures a competitive market.”

Canadian telecom consultant Mark Goldberg told ITWorldCanada.com that “I hope Canadian officials complete a thorough review of the issues and reach a conclusion based on facts and evidence, free of political interference.”

John Strand, a U.K.-based telcom analyst said in a note that the British decision limits the amount that Huawei can sell in the U.K. It also means that UK operators will have to prioritize network upgrades in the Western part of the country where Huawei equipment is largely deployed.

“Overall, the UK policy will send a strong signal to the rest of Europe and the world that the use of Chinese equipment poses a security risk and should be limited,” Strand wrote. “The UK new policy is a step in the right direction, and it underscores the need for greater scrutiny of technology from firms owned and/or affiliated with the Chinese government.”

Dimitris Mavrakis, research director at tech market advisory firm ABI Research said the U.K. ruling “is extremely good news for Huawei.” The firm is “thrilled” that government took advice from security advisors and didn’t submit to “pressure induced by geopolitical tactics … The decision is a good compromise between alleviating these “security” concerns and making sure that the 5G UK market is not harmed.”

Developing …

 

Boris Johnson gets final warning with Huawei 5G verdict imminent

Former senior government figures voice security fears as PM chairs meeting of NSC

Former ministers have sounded their final warnings to Boris Johnson about the Chinese telecoms firm Huawei ahead of his expected decision on whether it will play a part in the UK’s 5G network.

The prime minister will chair a meeting of the national security council (NSC) later on Tuesday before making a judgment on the firm’s future in the country after months of concern around security, including from the US president, Donald Trump.

5G is the next generation mobile phone network and it promises much higher connection speeds, lower latency (response times) and to be more reliable than the creaking 4G networks we have now.

Continue reading...

Top 10 policy trends to watch for globally in 2020

The 10 top trends that will drive the most significant technological upheavals this year have been identified by Access Partnership. “Shifts in tech policy will disrupt life for everyone. While some governments try to leverage the benefits of 5G, artificial intelligence, and IoT, others find reasons simply to confront Big Tech ranging from protectionism to climate urgency. “Techlash trends highlighted in our report lay bare the risks of regulatory overreach: stymied innovation and economic growth … More

The post Top 10 policy trends to watch for globally in 2020 appeared first on Help Net Security.

Companies increasingly reporting attacks attributed to foreign governments

More than one in four security managers attribute attacks against their organization to cyberwarfare or nation-state activity, according to Radware. Nation-state intrusions soaring In 2018, 19% of organizations believed they were attacked by a nation-state. That figure increased to 27% in 2019. Companies in North America were more likely to report nation-state attribution, at 36%. “Nation-state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of … More

The post Companies increasingly reporting attacks attributed to foreign governments appeared first on Help Net Security.

Cyber Attacks are the Norm

By Babur Nawaz Khan, Product Marketing, A10 Networks

As we 2019, its time to have a look at the year 2020 and what it would have in store for enterprises.

Since we are in the business of securing our enterprise customers’ infrastructures, we keep a close eye on how the security and encryption landscape is changing so we can help our customers to stay one step ahead.

In 2019, ransomware made a comeback, worldwide mobile operators made aggressive strides in the transformation to 5G, and GDPR achieved its first full year of implementation and the industry saw some of the largest fines ever given for massive data breaches experienced by enterprises.

2020 will no doubt continue to bring a host of the not new, like the continued rash of DDoS attacks on government entities and cloud and gaming services, to the new and emerging. Below are just a few of the trends we see coming next year.

Ransomware will increase globally through 2020
Ransomware attacks are gaining widespread popularity because they can now be launched even against smaller players. Even a small amount of data can be used to hold an entire organisation, city or even country for ransom. The trend of attacks levied against North American cities and city governments will only continue to grow.

We will see at least three new strains of ransomware types introduced:

  • Modular or multi-leveled/layered ransomware and malware attacks will become the norm as this evasion technique becomes more prevalent. Modular attacks use multiple trojans and viruses to start the attack before the actual malware or ransomware is eventually downloaded and launched 
  • 70% of all malware attacks will use encryption to evade security measures (encrypted malware attacks)
To no surprise, the cyber security skills gap will keep on widening. As a result, security teams will struggle with creating fool-proof policies and leveraging the full potential of their security investments

Slow Adoption of new Encryption Standards
Although TLS 1.3 was ratified by the Internet Engineering Taskforce in August of 2018, we won’t see widespread or mainstream adoption: less than 10% of websites worldwide will start using TLS 1.3. TLS 1.2 will remain relevant, and therefore will remain the leading TLS version in use globally since it has not been compromised yet, it supports PFS, and the industry is generally slow when it comes to adopting new standards. Conversely, Elliptical-curve cryptology (ECC) ciphers will see more than 80% adoption as older ciphers, such as RSA ciphers, are disappearing.

Decryption: It’s not a Choice Any Longer
TLS decryption will become mainstream as more attacks leverage encryption for infection and data breaches. Since decryption remains a compute-intensive process, firewall performance degradation will remain higher than 50% and most enterprises will continue to overpay for SSL decryption due to lack of skills within the security teams. To mitigate firewall performance challenges and lack of skilled staff, enterprises will have to adopt dedicated decryption solutions as a more efficient option as next-generation firewalls (NGFWs) continue to polish their on-board decryption capabilities

Cyber attacks are indeed the new normal. Each year brings new security threats, data breaches and operational challenges, ensuing that businesses, governments and consumers have to always be on their toes. 2020 won’t be any different, particularly with the transformation to 5G mobile networks and the dramatic rise in IoT, by both consumers and businesses. The potential for massive and widespread cyber threats expands exponentially.

Let’s hope that organisations, as well as security vendors, focus on better understanding the security needs of the industry, and invest in solutions and policies that would give them a better chance at defending against the ever-evolving cyber threat landscape.

Accelerated Digital Innovation to impact the Cybersecurity Threat Landscape in 2020

Its December and the Christmas lights are going up, so it can't be too early for cyber predictions for 2020.   With this in mind, Richard Starnes, Chief Security Strategist at Capgemini, sets out what the priorities will be for businesses in 2020 and beyond.


Accelerated digital innovation is a double-edged sword that will continue to hang over the cybersecurity threat landscape in 2020.  As businesses rapidly chase digital transformation and pursue the latest advancements in 5G, cloud and IoT, they do so at the risk of exposing more of their operations to cyber-attacks. These technologies have caused an explosion in the number of end-user devices, user interfaces, networks and data; the sheer scale of which is a headache for any cybersecurity professional. 

In order to aggressively turn the tide next year, cyber analysts can no longer avoid AI adoption or ignore the impact of 5G. 

AI Adoption
Hackers are already using AI to launch sophisticated attacks – for example AI algorithms can send ‘spear phishing’ tweets six times faster than a human and with twice the success. In 2020, by deploying intelligent, predictive systems, cyber analysts will be better positioned to anticipate the exponentially growing number of threats.

The Convergence of IT and OT
At the core of the Industry 4.0 trend is the convergence of operations technology (OT) and information technology (IT) networks, i.e. the convergence of industrial and traditional corporate IT systems. While this union of these formerly disparate networks certainly facilitates data exchange and enables organisations to improve business efficiency, it also comes with a host of new security concerns.

5G and IoT
While 5G promises faster speed and bandwidth for connections, it also comes with a new generation of security threats. 5G is expected to make more IoT services possible and the framework will no longer neatly fit into the traditional security models optimised for 4G. Security experts warn of threats related to the 5G-led IoT growth anticipated in 2020, such as a heightened risk of Distributed Denial-of-Service (DDoS) attacks.

Death of the Password
2020 could see organisations adopt new and sophisticated technologies to combat risks associated with weak passwords.

More Power to Data Protection Regulations
In 2020, regulations like GDPR, The California Consumer Privacy Act and PSD2 are expected to get harsher. We might also see announcements of codes of conduct specific to different business sectors like hospitality, aviation etc. All this will put pressure on businesses to make data security a top consideration at the board level.

GTP Security: Securing 5G Networks with a GTP Firewall

Anthony Webb, EMEA Vice President at A10 Networks

It is often written that 5G will usher in the Fourth Industrial Revolution and change the economy. The speeds and capacity that 5G network promises to bring has the potential to be an indispensable technology. Verizon estimated that by 2035, 5G “will enable £10.5 trillion of global economic output and support 22 million jobs worldwide.

Therefore, 5G is not only important because it has the potential to support millions of devices at ultrafast speeds, but also because it has the potential to transform the lives of people around the world. But with this new opportunity also comes higher security risks as cyberattacks grow in sophistication and volume and use lightly protected mobile and IoT devices in their botnets or targeted attacks.

GTP today

Since the early days of 3G or 2.5G, GPRS Tunnelling Protocol (GTP) has been used to carry traffic and signalling through mobile networks and has continued to do so in 4G/LTE and recent 5G non-standalone architectures. But GTP was never designed with security in mind and therefore has no inherent security mechanisms.

As traffic, devices and interconnection partners surge, so does the use of GTP. The transition to 5G is happening and most operators will opt to deploy 5G in stages, using a common 4G core as they build out the 5G RAN. As a result, threats to 4G core elements from GTP-based attacks will still be present during this hybrid period. This where operators must now include a GTP firewall as part of their current network security posture and as they evolve the network to 5G.

GTP vulnerabilities have been well known by the industry and documented in GSMA reports. What is required is a GTP firewall which stops attackers from trying to exploit GTP vulnerabilities on the interfaces exposed to the network. These attacks target both mobile subscribers and mobile network infrastructure. The most common GTP security issues include confidential data disclosures, denial of service, network overloads, and a range of fraud activities. In 5G, additional security measures have been added, but GTP will continue to play an important role, especially in roaming.

What is required?

The simple answer is scalable security. Mobile operators face the challenge of securing roaming and EPC interfaces where GTP protocols are used extensively in and are known to have vulnerabilities that can be readily exploited by malicious actors. As vulnerable devices and partners expand, so does the attack surface available for malicious purposes. Operators need to meet the growing security challenges while also providing a seamless subscriber experience.

As they move towards 5G, with likely a 4G common core for many years, operators will need to tackle the risks inherent in GTP, as threats continue to grow against a much larger volume of traffic and applications. Roaming traffic, with its high complexity and large number of interconnect partners and hubs, can be an especially vulnerable and attractive target for malicious actors.

Common Threats

The most common threats from a GTP based attacks include the following:
Eavesdropping – intercepting and snooping into GTP traffic gaining valuable and confidential subscriber information

  • Fraud: Attackers can use services at the expense of the operator or another subscriber using invalid or hijacked IMSI
  • Injection of malicious GTP messages: Disrupting sessions and creating DDoS
  • Subscriber denial of service: Spoofing subscriber IDs to generate malicious messages that cause service disruption for an individual subscriber
  • Message Suppression and Modification: Prevent message delivery or allow malicious content delivery, disrupting service
  • Network Overload/DDoS: Malicious, malformed or invalid signalling packets are sent that overwhelm network elements or cause vulnerable elements to fail
GTP Firewall 
A GTP firewall provides security and scalability, while protecting the mobile core against GTP-based threats mentioned above through GTP interfaces in the access networks and GRX/IPX interconnect to support uninterrupted operations. The GTP firewall can be inserted into multiple interfaces carrying the GTP traffic. The primary use case is being inserted on S5-Gn and S8-Gp (roaming firewall) interfaces.