Network slicing will be one of the critical drivers of 5G, as it allows private wireless networks to be constructed. But according to AdaptiveMobile Security, there is a significant security flaw in its architecture of 5G and that of virtualised network functions.
The vulnerability allows data access and denial of service attacks between different network slices on a mobile operator's 5G network, leaving enterprise customers exposed to malicious cyber attacks.
Network slicing allows a mobile operator to divide its core and radio network into multiple distinct virtual blocks that provide varying amounts of resources and prioritisation to different traffic types. One of the most innovative aspects of 5G, network slicing, will let operators offer portions of their core networks for specific vertical customer use cases, such as automotive, healthcare, critical infrastructure and entertainment.
This means the network is opened up to many partners and sliced into use cases and vertical-specific blocks. The attack probability is low due to the limited number of mobile operators with multiple live network slices on their networks. But AdaptiveMobile Security warned that the issue it discovered can cause significant security risks to enterprises using network slicing and undermine operators' attempts to open up new 5G revenues.
In its research, AdaptiveMobile Security examined 5G core networks that contain both shared and dedicated network functions. It found that when a network has these "hybrid" network functions that support several slices, there is a lack of mapping between the application and transport layers identities.
This flaw in the industry standards has the potential impact of creating an opportunity for an attacker to access data and launch denial-of-service attacks across multiple slices if they have access to the 5G service-based architecture.
AdaptiveMobile Security investigated if the currently defined 5G standards' mechanisms will be sufficient to stop an attacker. In doing so, it uncovered three main attack scenarios based on the flaw, which cannot be mitigated according to today's specified technology.
A hacker comprising an edge network function connected to the operator's service-based architecture could exploit this flaw in the design of network slicing standards to access the operator's core network and the network slices for other enterprises.
This would see the operator and their customers are exposed and risk the loss of sensitive location data – which would allow user location tracking, the loss of charging-related information and even the potential interruption to the operation of the slices and network functions themselves.
AdaptiveMobile Security head of 5G security research Silke Holtmanns said that the telecoms industry needs to embrace a holistic and collaborative approach to secure networks across standards bodies, working groups, operators and vendors.
"Currently, the impact on real-world applications of this network-slicing attack is only limited by the number of slices live in 5G networks globally. If this fundamental flaw in the design of 5G standards had gone undiscovered, the risks are significant. Having brought this to the industry's attention through the appropriate forums and processes, we are glad to be working with the mobile network operators and standards communities to highlight these vulnerabilities and promote best practice in the future."