5G- a break in IT security

5G is generally referred to as the network of the future.

This network will change the very use of the Internet. It doesn't just see itself as an evolution of 4G, but basically we realize that it's a real break with known technologies. For this reason, it is not inappropriate to think that new risks will arise as a result of its deployment. This has always worried the European Union, but also the telecommunications and IT security communities as a whole.

This article will also interest you: 5G security vulnerabilities

On October 16, Olave Lysne, a computer scientist at the cybersecurity at the 10th European Telecoms Decision-Making Fair, the Berec Brussels forum, said "5G is the most critical infrastructure ever created for cyber. It will depend on the safety of all the others. ». But before that, a few days earlier, in the city of Monaco during the security meetings, he had held the focus of the debate on securing the 5G network around a round table. European Union has protested clearly and clearly expressed concern in its report, written in one 30 pages specifically on the risks associated with the use of 5G in terms of cybersecurity.

What we do know is that 5G network virtualization will significantly increase software flaws while non-standalone 5G networks based on the old 4G network are less risky. However this version of the 5G is not for today, as its deployment and configuration will take longer. Explaining the process of 5G virtualization, Kevin Poireault, Journalist, explains: "Network Function Virtualization (NFV), the ability to separate hardware from software for network equipment.

This virtualization allows you to create several logical networks, called slices, controlled by programming interfaces (APIs) at the same time. A sliced cut (network slicing) that offers operators the ability to deliver different levels of services (in terms of reliability, latency, bandwidth capacity, coverage…) from the same infrastructure. For example, greater connectivity for an autonomous car than for a simple smartphone. ». With this explanation, we realize that the benefits of the virtualized 5G network are convincing. it makes the transmission of information faster, but also more efficient. However, the risks are also subtle but important: "By virtualizing everything, you no longer have any physical control like the one you could put in place with the previous networks," explains a computer security researcher known as SwitHak, during the roundtable at the Assises in Monaco.

On the other hand, the European Union report does not dwell on the disadvantages associated with the NDS and the NFV described above. But the concern for them is mainly directed at "major security flaws, such as those derived from vulnerable software within vendor equipment that could help attackers maliciously insert intentional backdoors into products, and also make them more difficult to detect."

Companies, on the other hand, believe that the development of 5G will disperse their security strategy, especially since they are soon at the end of the project of securing the cloud, stresses Téodor Chabin, head of information systems security at Thalès who is also present at the Assises. For the latter, the impact of 5G will be truly major, as companies will be forced to review the IT architectures on which they have worked for so many years fiercely. "With the arrival of 5G, we're going to end up with a 'scattered cloud'," he says. I, like other RSSIs, managed to make sure that we had a cloud that was pretty much secure, hosted in known data centers. All of a sudden, we're going to end up with data scattered across these 5G networks. »

While 5G networks promise performance worthy of technological progress, the risk is greater. Computer security researcher SwitHak joked: "Already, with speeds in the order of several gigabits per second, guarding against data exfiltration will not be easy," he says. But with terabits/seconds, as the specification committees predict, very optimistic, I dare not imagine how quickly one could empty a data center. »

Now access an unlimited number of passwords:

Check out our hacking software