from the they've-got-their-5G-heads-in-the-clouds dept.
A shift to the cloud is opening the industry up to new attacks:
Prominent tech firms like Microsoft and NEC have recently expressed concerns over the security and perhaps too-rapid adoption, respectively, of critical 5G technologies. Now German security researchers have given some substance to the industry's fears and unease.
At a hacker conference held in the Netherlands last month, Karsten Nohl, founder of Berlin-based Security Research Labs, outlined how his team had breached live 5G networks in a series of "red teaming" exercises—where hackers are hired by a company to test their defenses. In most cases they were able to take control of the network, he says, potentially allowing them to steal customer data or disrupt operations.
The hacks, revealed at the May Contain Hackers 2022 event (a.k.a. MCH2022), were made possible thanks to poorly configured cloud technology, which is playing an increasingly important role in 5G networks. Nohl says many telcos are inexperienced in how to protect such systems, and his team found that operators had failed to apply basic cloud security techniques that could help mitigate hacks.
The push toward Open RAN, virtualization, and "cloudifcation" unlocks more choice and functionality for 5G operators. It has also thrust them into the unfamiliar role of system integrator, suddenly responsible for securing the entire supply chain.
"5G has swept over telcos with all its implications, and nobody seems well prepared," says Nohl. "We are introducing new technology into mobile networks, and those technologies can greatly enhance the security of our mobile networks. Or they can basically destroy any hacking resistance we've built up over the years. People are not aware of those choices."
Mobile operators have traditionally relied on proprietary hardware from vendors like Ericsson, Nokia, and Huawei to build their networks. But in recent years, there has been a major push to "virtualize" network functions, which involves replicating key components in software so they can run on generic hardware, or even in the cloud. And the advent of 5G has only heightened the demand for virtualization, in particular when it comes to radio access networks (RANs)—the part of the network involved in connecting end-user devices like cellphones to the network core.
[...] This makes it much easier to break into such virtualized networks than was previously possible. Among the entry points the team discovered included a backdoor-revealing API that had been posted publicly to the Internet as well as an old development site that had accidentally been left online. But the increased ease with which attackers can penetrate the networks is not in and of itself the main problem. "The really critical question is how difficult it is to break through from your initial foothold to something actually valuable within the network," says Nohl.
His team found it was worryingly easy to move deeper into the networks they tested, thanks primarily to poorly configured "containers." These are self-contained packages of software that bundle up an application and everything needed to run it—code, software libraries, and configuration files—so that it can be run on any hardware. Containers are a critical part of the cloud, because they allow different applications from different companies or departments to run alongside one another on the same servers. Containers are supposed to be isolated from one another, but if they are poorly configured it's possible to break out and gain access to other containers or even to take control of the host system. In multiple instances Nohl and his team found misconfigured containers that allowed them to do just this.
[...] Nonetheless, [Dmitry Kurbatov is optimistic about the shift to 5G. Previously, operators had little option but to trust vendors when it came to security, but now they will be able to take matters into their own hands. "You actually can have full visibility and control over [5G] systems and functions, which means now you have the chance as the network owner to be much more secure," he says.
And even more important, the industry isn't alone in going through the transition to the cloud, says John Carse, chief information security officer at the Japanese operator Rakuten Mobile, which has been a champion of Open RAN principles. "This is a good thing because it means telecom doesn't have a special problem to solve," he says. "Telecom can benefit from adoption of techniques happening in all the industries surrounding it versus trying to overcome proprietary challenges."
(Score: 2, Funny) by Snotnose on Saturday December 31, @09:55PM
Just get yourself inside some stucco walls and glass windows and, assuming your router is secure, you're good to go.
I just passed a drug test. My dealer has some explaining to do.
(Score: 3, Insightful) by MostCynical on Sunday January 01, @12:03AM
... but no one else HAS solved the problems.
While there are answers to some technical issues related to cloud and integration security, no one has solved the problems related to convincing management or shareholders to spend money on security and properly designed architecture/systems... and to implement them properly.
Cut price systems, baked-in administration logins - everything wrong with IoT is only partially mitigated with corporate cloud solutions, and for similar reasons - cost and time taken to do things properly (which cannot be offset just by throwing more resources at the system, even if they were willing to pay for the resources)
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 1, Interesting) by Anonymous Coward on Sunday January 01, @01:18AM
https://techblog.comsoc.org/2021/09/09/huawei-cto-says-no-to-open-ran-and-virtualized-ran/ [comsoc.org]
Let's ban Huawei and not have the Chinese Gov spy on us and tamper with our 5G comms. Let's pay more for equipment and have the evil Russian/Chinese/North Korean/Enemy-Country-of-the-Week hackers do that... 😉
(Score: 5, Interesting) by RamiK on Sunday January 01, @01:22AM (5 children)
What the article fails to mention is that:
1. OpenRAN is pushed by the USG to overcome Huawei's 5G patents by doing what their hardware is doing in software.
2. OpenRAN costs 3x to buy (supermicro just closed the year as the only company in US tech to turn in a profit thanks to selling openran servers to Taiwan) and is 10x more expensive to operate (it's like replacing a dumb ethernet switch with a xeon with network cards: you're constantly updating a stack emulating something really stupid and have to keep on-site redundancies of hardware and personal).
3. OpenRAN isn't open source: It's an open specification type thing like UEFI where the most privacy sensitive parts of the stack are made out of closed source proprietary software and hardware.
4. OpenRAN runs on commodity x86 server hardware with all the security issues that entails. When it's run on ARM, there's an hypervisor and UEFI to keep things comfortable and insecure.
5. OpenRAN gives capabilities to ISPs we don't want them to have: RAN is dumb. It's basically glorified L1 switching circuitry with a bit of L2 capabilities that can barely do rudimentary QoS. It can't go L3 into packets so it's fairly limited as a censorship and anti-piracy measure. OpenRAN, however, is a modular software-defined networking software stack. So, just throw in a better CPU and you can do whatever you want with it. And by you, I mean the ISP.
6. OpenRAN software stack is full of security holes: Read the story.
7. OpenRAN is inevitable in the US and probably the EU: There's some leeway regarding the timing and different EU members, but by-and-large, there's too many intersecting interests for the OpenRAN-powered great-firewall-of-American not to get deployed and protect us from the communist pedophiles trying to influence our elections.
compiling...
(Score: 1, Insightful) by Anonymous Coward on Sunday January 01, @02:06AM (4 children)
8. There's still no actual real-world use case for 5G over 4G anyway
(Score: 4, Informative) by RamiK on Sunday January 01, @03:13AM (3 children)
There's two legitimate real-world use cases:
1. 1080p video conferencing is stretched thin on 4g: Even with good 4g, if you're taking a video call and another guy next to you is playing on their phone, one of you is going to get lagged. And if you're on a bus/train, the calls lag between base station switches. These aren't issues with proper 5g coverage.
2. Spectrum: 5g lets ISPs serve 3 times as many customers with the same range.
3. Security: 4g has known vulnerabilities like IMP4GT that are left unfixed since the focus is the transition to 5g and deprecation of 4g.
There's also the surveillance and IoT stuff but whatever...
compiling...
(Score: 0) by Anonymous Coward on Sunday January 01, @02:56PM (2 children)
People selling new tech love to tell you that you need the new tech because number is bigger. But why is 1080p so important? What practical advantages does it provide over eg. 720p? The image is more detailed, sure, but is that necessary? For what use cases?
In my experience, the most important factors for a satisfactory video call are, in order: 1) Clear audio; 2) Clear video (eg. no smearing or artifacting); 3) Smooth video (ie. good-enough fps); 4) Enough video resolution to see facial expressions.
With the same number of towers too? AIUI 5G has a *much* shorter range, and *much* worse penetration, so to get the same coverage a lot more towers are needed, a lot more densely packed, and using a lot more electricity.
Do you expect 5G to be any better? It was developed by the same groups who did 4G, using the same processes, behind the same closed doors. There have, in fact, already been numerous security and vulnerabilities discovered in the 5G protocols and systems in the few years since its announcement.
(Score: 3, Interesting) by RamiK on Sunday January 01, @04:42PM (1 child)
The viewing distance on smartphones and tablets means anything smaller than 1080p looks pixelated. Combined with shitty cameras and bad lighting, things start getting real blocky and noisy. And if you're streaming a web conference...
Yes. 5G mid/low band frequency ranges overlap with 4G but are 3x as fast so if a provider wants to simply do an in-place replacement of all their 4g towers with 5g towers, it will be an improvement in all respects. On top of that, the additional higher frequencies (that call for additional towers) reach much faster rates and lower latency. But as you've mentioned, they can't penetrate as much. Still, they only improve things.
It is better. 5G doesn't reveal subscriber identifiers when connecting the physical level but instead issues a temporary id to negotiate encryption first. So, man-in-the-middle like stingrays don't work. The integrity and encryption algorithms themselves also saw upgrades (more bittiness so it's less easy to brute force exchanges). However, the most important thing is that they moved away from non-standard ciphers and protocols to the same stuff we use in normal internet network topology so problems get noticed and patched immediately.
Basically, 5g is just a fixed version of 4g with more speed (that you may or may not find useful or even usable depending on where you live) to justify the upgrade on the smartphone's side.
compiling...
(Score: 0) by Anonymous Coward on Monday January 02, @12:09AM
ta
(Score: 1) by Runaway1956 on Monday January 02, @01:36AM
Out in the sticks, there is no 5G. But your phone wastes battery and time searching for it. Just turn off 5G. If you can't find that option in your menu, search the app store of your choice for '4G 5G switcher', then opt for "LTE Only".
Abortion is the number one killed of children in the United States.