By Chafic Traboulsi, Head of Ericsson Networks, Middle East and Africa
It has become more common these days to hear about the latest security breach or denial of service (DOS) attack, which highlights the many challenges businesses face as they look to curb an increasing number of attacks passing through their IT networks.
In the telecom sector, the move to IP-based networks has been a key success factor for mobile broadband, although this crucial move hasn’t necessarily thwarted the increasing threat of attacks on mobile networks.
Our vision of the Networked Society is that when everything becomes connected, society, industries and people will be affected in various ways. The recent Ericsson Mobility Report estimates that the global number of connected Internet of Things (IoT) devices will surpass the number of mobile phones by 2018. This means that digital opportunities and cyber security challenges will expand beyond human connectivity.
Every new connected device requires holistic security thinking spanning new business models, technologies, standards and regulations. The traditional principles of risk and security management, such as check-box compliance and access control, are being challenged.
Mobile network security is rapidly becoming a critical issue for operators as they transform their cellular networks to 4G/LTE – and even 5G – while adding small cells and Wi-Fi access to boost capacity and increase coverage.
Interestingly, 5G enables more IoT use cases with vastly diverse requirements, some of which support machine-to-machine (M2M) communications with ultra-reliable connectivity. Other use cases are optimised to enable long battery life and very low cost. Essentially, these requirements call or a new generation of services with a new set of cyber security challenges.
Exposing every mobile network
An all-IP network and Wi-Fi access from untrusted public hotspots and access points exposes every mobile network to new threats that can impact service and compromise security.
Ericsson manages telecoms systems on behalf of operators and other customers around the world, serving more than one billion subscribers, supporting 2.5 billion mobile users, while handling 40% of all mobile data traffic.
As wireless networks and ICT infrastructure continue to expand and become increasingly mission-critical for large industry and society, it’s imperative that mobile operators protect their infrastructure – when operators want to offer new cloud services that connect to networks other than their own, a whole range of new security risks must be addressed.
Technology services may include remote control and monitoring of industrial systems, self-driving vehicles, and so much more. The availability and functionality of these services depends on the underlying ICT infrastructure. Cyber-attacks with safety implications are unfortunately becoming a reality.
With more data residing in the cloud, traditional perimeter protection will no longer be enough. When data flows across organizational boundaries and nations, it must be protected at all stages; when it is generated, stored, transmitted and used. This must be done over both trusted and untrusted infrastructures.
Radio access network security solutions test, verify and integrate applicable nodes needed to build a network. The solution provides end-to-end network security, which is especially important for radio nodes like small cells placed in public areas. This solution offers built-in IP security, which includes encryption, certificate-based authentication, and integrity protection between radio nodes and security gateways.
Securing the gateway
By devising a security strategy that segments the access networks (cellular and Wi-Fi) from the core network, using an enhanced security gateway ensures mobile operators can better protect themselves and their users from hacking and unwanted attacks.
Secure gateways support various tunnelling authentication and encapsulation methods, integrated firewalls, as well as high availability and network resiliency. Secure gateways must provide encryption functions with the scale that’s needed to support both new access connections from small cells and Wi-Fi access points, and private network connections to enterprise and cloud networks.
The bottom line is that although mobile networks are open to attacks, channel jamming and message forgery, modern security features are able to prevent intrusion by integrating a security architecture that provides authentication, confidentiality and integrity.
Important to note is that although modern 3G and 4G/LTE network infrastructure provides good security features, there are always new security issues that arise. It is therefore prudent for operators to investigate, improve and rollout measures that add new security layers capable of meeting the demands of the next generation of mobile network infrastructure.