Warning of the vulnerabilities of the high-speed 5G telecommunications network, papers submitted at a key security meeting have found that it can provide an excellent platform for middlemen and agents to make connections for crimes such as drug trafficking, human and organ trafficking, and money laundering and terrorist financing. The papers, written by some Indian police officers, were presented at the just-concluded Conference of Directors General of Police (DGPs) and Inspectors General of Police (IGPs) attended by Prime Minister Narendra Modi.
The newspapers noted that the 5G The network is based on easily accessible and open Internet protocols and inherits all the vulnerabilities of previous generations that make it vulnerable to cyber attacks and compromise the security of the entire system.
The IPS officials who wrote the papers suggested that reserved 5G bandwidth and highly secure equipment should be proactively developed for sensitive government-related communications and for military use, and only licensed and authenticated firms with the lowest cyber risk or with maximum Security protocols should be allowed to work for government agencies.
“With cryptocurrencies and decentralized banking systems that continue to gain popularity with the help of real-time 5G networks, the connections and financial path will be difficult to trace.
“5G can provide an excellent platform for intermediaries and agents to connect to crimes such as drug trafficking, human and organ trafficking, money laundering, terrorist financing, etc.,” the newspapers said.
In addition to the Prime Minister, the three-day annual conference was attended last weekend by Union Minister of the Interior Amit Shah, National Security Advisor Ajit Doval and around 350 high-ranking police officers from the country.
The 5G network core is based on easily accessible and open Internet protocols such as HTTP and Transport Layer Security (TLS). In a network slicing environment, different subnetworks have different types of cyber security.
Air interface encryption keys are delivered over unsecured routes. Vulnerabilities such as IDOR (Insecure Direct Object Reference) could appear.
“The telco cloud is vulnerable to cyberattacks that can compromise the security of the network and data stored in the cloud,” the papers said.
Network Function Virtualization (NFV) allows criminals to deploy or execute attacks to obtain and even modify monitored telephone numbers (target lists).
There are several improvements in 5G that support such remote control features as drones, robotic surgery, etc. but criminals can also exploit this aspect.
Another problem with 5G is edge computing operations, where processing occurs at distributed, communicating nodes near the user network.
This increases the problem of data collection for safety devices since there is no central node through which data travels.
The newspapers said that 5G can support millions of artificial intelligence (AI)-based Internet of Things (IoTs) and devices per square kilometer, leading to a massive increase in the attack surface for cybercriminals.
Cyber crimes such as cellular network mapping, distributed denial of service, battery drain, service degradation, mobile IMSI capture, malware injection, CNC creation, communications interception, DNS spoofing, uplink and downlink impersonation, etc. may be easier to carry out papers said.
“During the initial transition phase, future 5G networks will inherit all the vulnerabilities of previous generations.” There is a possibility that end-to-end encryption (E2ER) will become standard during the upcoming standardization process, posing a challenge for law enforcement agencies represents.
IPS officers wrote that 5G device makers will try to sell the valuable data to marketers for targeted advertising, and this should be monitored to ensure it doesn’t fall into the wrong hands.
Holistic cybersecurity is the only solution for this new ecosystem created by 5G. Everything from core devices to network layer IoTs and the user’s mobile or device should be considered a potential point of attack.
The IPS officials suggested security precautions, noting that consumer education on IoT security is necessary and devices should be purchased from trusted sources rather than suspicious sources like China.
“Mobile operators need to adopt a hybrid cloud-based approach, storing sensitive data on-premises and less sensitive data in the cloud. Network operators must pay attention to the need for resilience of their infrastructure in the event of power failures, natural disasters, misconfigurations, etc.,” the newspapers said.
