Don’t let the “5G” in the title confuse you. This post is not only about the telcos’ core networks, but about the 5G security and privacy issues in our (very) near, and very different future that 5G will enable. In the 5G-enabled massive Internet of Things (mIoT) world we’re about to find ourselves in, we are expected to have 1000 devices connected for every person… These devices will be the components of the ‘5G operating system’ for our smart cities, our industry 4.0, our smart homes, smart transportation, smart healthcare, and much more. To enable this future, we will need to have a complex symphony of computing going on across devices themselves, “fog” computing, enterprise and telco data centers, public clouds – all playing a role in every one of the majority of use cases, all being dynamically spun up and down and accessed through virtualized networks. And the orchestrators of this complex symphony will be none other than complex AI systems. This brave new world is already here, and it poses unique cybersecurity challenges that will render our past cybersecurity paradigms obsolete.


5G is the next step in the evolution of mobile communication. More than just a quantitative evolution similar to previous generations, 5G will provide completely new capabilities for a myriad of new use cases on a large variety of devices across many new industries. Our future civilization will run on 5G. 5G networks will change the market landscape, influence stakeholders’ relations, and process much of the world’s business in real time; think medical procedures, financial transactions, remote industrial automation, military operations or delivery of local emergency services. It comes as no surprise, then, that 5G is expected to become the most critical infrastructure.

5G World Map
Figure 1: 5G coverage (field trials) as of 1st April 2019. Source: 5G.Security

The first phase of 5G specifications defined in 3GPP Release 15 has to be completed in the second quarter of 2019 to accommodate the early commercial deployments already starting to happen. The second phase of 5G specifications in 3GPP Release 16 is due for completion by April 2020.

5G networks are expected to serve about 7 trillion of heterogeneous connected things. Compared to previous generation of mobile communication, 5G infrastructure we are building now must achieve this scale while providing:

  • 1000 times higher wireless area capacity and more varied service capabilities;
  • Creating a secure, reliable and dependable Internet with a “zero perceived” downtime for services provision;
  • Up to 100 times higher user data rate;
  • Up to 10 times longer battery life for massive IoT devices;
  • Up to 5 times reduced end-to-end latency; and
  • Address diverse requirements such as higher speeds for enhanced Mobile Broadband (eMBB), Ultra-reliable and Low-latency communications (URLLC), and large density of connections and long battery life for massive Machine Type Communications (mMTC).

The one-network-fits-all concept must answer these demanding and ambitious objectives. This is why 5G is also a technical revolution. 5G build out is much more challenging, abrupt, innovative, and meaningful than previous versions. 5G includes major changes to all parts of the network, such as core and management systems, as well as all protocol layers ranging from radio to applications. It brings about a convergence of numerous heterogeneous technologies and new technical solutions. As a result, cybersecurity is affected everywhere.

Some expected 5G technical attributes are:

  • Millimeter-Wave communications with new waveforms – same in UL (Uplink) and DL (Downlink);
  • Massive MIMO (Massive Multiple In Multiple Out) with beam-forming and beam management is available due to frequency range – wavelength, size of antenna and spacing characteristics;
  • Network slicing – provides a way for service providers to enable Network as a Service (NaaS) to specific subscriber groups, giving them the flexibility to manage their own devices and services according specific needs;
  • Very high throughput (1-20 Gbps) – eMBB (Enhanced Mobile Broadband) supports 3D video transmissions with 4K or 8K resolution screens, online gaming etc;
  • Ultra-low latency (<1ms) – important for mission critical services such as augmented and virtual reality, telemedicine and healthcare, intelligent transportation and industry automation;
  • Massive connectivity for vehicles, mobile subscribers, enterprises, IoT etc;
  • High availability and dense coverage capable of providing unlimited connectivity for billions of different subscribers; and
  • Low energy consumption with up to 10-year battery life for M2M (Machine to Machine) communications.

To deliver these capabilities, 5G is equipped with a new air interface that supports heterogeneous access networks and handles variable bandwidths. Packet core network upgrades are also implemented, where traditional and mobile services share an infrastructure for service delivery and operational efficiency.

5G security challenges in architecture

Some of the most important 5G architectural changes are in:

  • the physical structure of the network (to provide low latency and localization);
  • networking functions virtualization (components are placed across distributed edge and centralized core clouds); and
  • implementation of flexible software-based architecture technologies such as SDN (Software Defined Networks), SDA (Software Defined Access) and SDR (Software Defined Radio).

5G architecture requires implementing some new networking concepts and adapting some existing ones. Architectural evolution is recognized primarily as adaptation to cloud / “fog” operations and network virtualization.

One of the key ways this adaptation is facilitated is by Control Plane and User Plane separation (CUPS). It isn’t a new concept in the wireless world but it has become the integral part of the 5G standard because of the technology’s ability to distribute the network code elements throughout the network, leading to greater function utilization.

5G, therefore, will be able to connect considerably more devices – up to one million per square kilometer – which means powerful increases on network processing, but also significantly more network end points. This spreads the potential attack surface for cyber criminals by creating more possible openings through which they may penetrate the network. Complexity itself becomes a vulnerability – the more connections there are in a system the more difficult it is to hold a clear and protective view of that system. The same applies to 5G infrastructure, such as base stations and related systems. To make things worse, connections from your organizations’ IoT estate might go through a number of providers.

And so would computing. 5G will facilitate edge computing, which takes computing away from the ‘core’ of the network and places it at or near the source of the data. Mobile Edge Computing (MEC) reuses the CUPS architecture to allow the user plane functions and applications to be placed closer to the network edge. This is partly what makes 5G’s sub-5 ms latency possible. Compute would likely be orchestrated across devices themselves, enterprise’s data centers, “fog” or close-to-edge computing, device vendors’ data centers, public cloud, etc. all owned and managed by different providers. All this means that engineers will struggle to maintain the same level of security as when all primary processes are concentrated close to the computing core that they control. If perimeter security is not dead already, it will be with the arrival of 5G and mIoT.

Cloud Radio Access Network (CRAN), an innovative cloud-based architecture for radio access networks, uses a form of control and user plane separation. The result is split access architecture. Some access network functionality is performed virtually in a “central” edge cloud location, while other processing is done in a remote “physical” location. This enables a front haul and back haul split in the transport network. CRAN has significant advantages over previous architectures in terms of lower power consumption, reduced base station numbers, and costs. As a wireless network it faces all common wireless network security threats such as spectrum sensing data falsification, primary user emulation, and others. Being a novel network architecture it is also facing new security threats and trust problems that the industry hasn’t dealt with before. 5G adoption is making it everyone’s problem as well.

The CRAN architecture combined with network slicing offers the potential for more flexible 5G use cases.

Network slicing, another highly-anticipated feature of 5G networks, will enable the creation of multiple virtual networks on top of a common shared physical infrastructure. Network slicing is expected to be a fundamental architectural component of the 5G network, fulfilling the majority of 5G use cases. Pieces of the network can be attributed to specific domains or use cases, such as specific critical infrastructures, allowing more efficient and reliable network operation. But this will create new security challenges as each virtual network slice could demand unique security capabilities that need to be managed in a coordinated manner. At the minimum, the expectation will be that network slices will be highly isolated in order to prevent malicious attacks and the spread of vulnerabilities or faults to other intra-slice and inter-slice components.

If you are struggling today with understanding the risks of your mission-critical virtual machines being “escaped from”, imagine the complexity of proving the same for a network slice – a fully virtual slice of networking and computing that could cut across from a public cloud, through core, transport and access networks, all the way to your edge devices, and which is mostly outside of your control.

Artificial intelligence (AI) in the form of machine learning and deep learning has significantly improved internet and security protection. AI has potential for 5G telecom carriers too. It will allow them to optimize their investment and reduce costs by driving accurate 5G network planning, producing capacity expansion forecasts, accessing coverage auto-optimization, enabling dynamic cloud network resource scheduling, and delivering 5G smart network slicing. Over the coming years, AI will help carriers transform from the current management model based on human capabilities to a self-driven automatic management model. With this evolution they will truly achieve smart transition in network operation and maintenance.

This presents new challenges that neither telecom nor cybersecurity professionals have ever dealt with, such as AI “black boxes”, the inability to test AI for intentional backdoors, or adversarial learning, which is remote reprogramming of the neural network algorithms.

In 5G, the security landscape becomes more complex, with network architecture more flexible, logically divided and connected to the Internet. At the same time, applications, cloud, data center, network and endpoints all should be treated as a secure integrated system.

Securing data center and cloud components becomes critical as mobile network components are virtualized and potentially deployed on an NFVI (Network Function Virtualization Infrastructure).

Since cloud computing systems facilitate the sharing of resources among users, it becomes possible for any such user to spread malicious traffic that compromises the performance of the system, to consume more resources, or to gain unauthorized access to the resources of another user. Similarly, in cloud networks where different entities run their own control logic to achieve requested functionality, interactions can cause conflicts in network configurations.

Mobile Cloud Computing (MCC) migrates the concepts of cloud computing into 5G ecosystems. This creates a number of security vulnerabilities mostly attributed to the architectural and infrastructural modifications in 5G.

Some other representative security challenges of 5G architecture are:

  • User equipment threats – malwares, sensor susceptibility, TFTP (Trivial File Transfer Protocol) MitM (Man in the Middle) attacks, bots DDoS (Distributed Denial of Service), firmware hacks and device tempering.
  • Air interface threats – MitM attack and jamming.
  • Typical RAN threats – MEC server vulnerability and rogue nodes.
  • Representative backhaul threats – DDoS attacks, CP/UP sniffing and MEC backhaul sniffing.
  • Packet core and OAM (Operation, Administration, and Maintenance) threats – virtualization, network slice security, API (Application Programming Interface) vulnerabilities, IoT core integration, roaming partner vulnerabilities, DDoS and DoS attacks, and improper access control.
  • SGI (Service Gateway Interface)/N6 and external roaming threats – IoT core integration, VAS (Value Added Services) integration, Application server vulnerabilities, Application vulnerabilities, API vulnerabilities.

Additionally, 5G subscribers are recognized in different use cases such as M2M, Industry automation, IoT etc. These devices use different radio access technologies and are equipped with different security features. Such devices are susceptible to MitM attacks, firmware and OS (Operating System) hacks, snooping and sniffing attacks, botnet type attacks, etc.

5G security and encryption

Encryption is affecting 5G security too. And other way around. In an increasingly digital world, encryption has become the primary mechanism for securing information.

However, while encryption techniques were developed to enable enterprise security over the Internet, they are now being co-opted in service of cyber-attacks. Gartner predicts that encryption will be used in more than half of new malware campaigns in 2019 and more than 70 percent in 2020.

The security of mobile, cloud and web applications depends on proven and optimally implemented encryption mechanisms, including their keys and certificates. But, threat actors are updated with the latest encryption mechanisms as well.

Network visibility becomes more complex. Where encryption is used, the network operator’s ability to analyze the traffic and conclude if it is malicious is limited. Security solutions need to provide estimates about protected and unprotected traffic by encryption, while simultaneously estimating what traffic is contaminated and what is not. With deep packet analysis not being viable any more due to the encryption, as well as the volume and speed of data, other technical solutions such as intra-flow metadata (Encrypted Traffic Analytics) should be explored.

Quantum computing may take root within the next decade, but the growth of 5G infrastructure is far more imminent and certain with an expected service life way past the expected arrival of quantum computing. Which means that the risks of quantum decryption need to be addressed now. Quantum technology is expected to be capable of breaking 99% of the encryption used by today’s enterprises, including data stored on a digital Blockchain. This means that governments and ICT stakeholders will need to upgrade to quantum-resistant cryptography soon, before quantum computers become available. SK Telecom, South Korea’s largest mobile operator has already developed Quantum Key Distribution (QKD) technology for its 5G network.

5G and Privacy Issues

Protection of personal privacy is a critical aspect of 5G security. Challenges include access to location information, or leakage of personal voice, health, and lifestyle data.

Location Privacy

As the use of positioning technologies has become more widespread, mobile applications using Location-Based Services (LBSs) have contributed more and more to mobile big data. This has raised important privacy security issues. Users usually need to submit some personal information to the trusted LBS server to obtain the service data, and traditional procedures assume that this information is discarded immediately after use. However, the data may be cached and reused in the future, exposing it to increased threats. Privacy requirements need to be elevated, and breaches prevented by stopping certain queries from being sent directly to the server.

WiFi localization based on fingerprint is considered to be a promising technology for indoor localization. However, mapping the recorded fingerprint to the service provider’s database could be used to divulge a subscriber’s location.

Threats such as semantic information attacks, timing attacks, and boundary attacks mainly target the location privacy of subscribers. At the 5G physical layer, location privacy can be affected by inappropriate choice of available access point algorithms.

Data Privacy

Generally, subscribers allow service providers to access their data without awareness of the privacy risks of sharing their data or an understanding of how their data will be used. They are often left with no choice but to trust that private data are being handled properly by the service provider, and are not redirected to unauthorized destinations. However, if users were more aware of and more knowledgeable about privacy risks, they would be able to make wiser choices about where and how they share their information.

Even personalized privacy policies can include sensitive information desirable to privacy attackers.

Most smartphone applications require details of subscriber’s personal information before installation. The application developers or companies rarely mention how data are stored and how they are going to be used. International Mobile Subscriber Identity (IMSI) catching attacks can be used to uncover the identity of a subscriber. Such attacks can also be initiated by setting up a fake base station, which the user’s device recognizes as the preferred choice with which to share the subscriber’s IMSI.

Moreover, 5G networks have different actors such as Virtual Mobile Network Operators (VMNO), Communication Service Providers (CSPs) and network infrastructure providers. All of these entities have different priorities for security and privacy. Synchronizing these disparate privacy policies will be one of the chief challenges of 5G privacy.

In previous network generations, mobile operators had direct access and control of all system components. However, 5G mobile operators do not have full control of the system, as it is logically and physically dislocated. User and data privacy are seriously challenged in shared environments, where the same infrastructure is available to different stakeholders. Moreover, there are no physical boundaries of a 5G network, because cloud-based data storage and NFV features are implemented.

Sensitive Information

Social networks attract a lot of users, and social network data contain users’ sensitive information, such as social relationships, social habits and personal data. This data is stored in different forms. For example, since images contain rich and colorful content, image search has been deployed in a wide variety of applications. In the era of big data, many small organizations choose to outsource image search to public clouds to reduce costs. This creates increased opportunity for privacy breaches. Many images contain sensitive information, such as personal identity, locations or healthcare information – storing these with appropriate protection is a major concern.

The integration of Internet of Things (IoT) and cloud computing is becoming a key driver of digital transformation in the healthcare industry. The emergence of cloud-assisted e-healthcare systems enables patients to supply their personal health information (PHI) to high quality and efficient medical services. While this paradigm shift has brought new opportunities and many benefits to healthcare organizations, it has also raised a number of security and privacy issues.

There are also regulatory aspects of security which affect 5G architecture. For example, in order to comply with the GDPR, any company in Europe which collects, stores and processes personal data has a number of obligations. Failure to comply with the GDPR can have significant consequences. Only a secure and threat-centric approach to 5G architecture can ensure conformity to GDPR.

Effective 5G security cannot be achieved through a one-size-fits-all approach. Different 5G system entities will have different security needs – understanding this will be foundational to building secure network operations.

5G Security Conclusion

Yes, 5G will enable new use cases that aren’t available today, with huge potential benefits for the world at large. But it will also create new opportunities for those who wish to exploit this new technology. As potentially the most critical of critical infrastructures, it will also need to be the safest and most secure. Understanding how enormously different 5G cybersecurity challenges are from the traditional ones is the first step.


[1] The 3rd Generation Partnership Project (3GPP) unites seven telecommunications standard development organizations (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC) and covers cellular telecommunications network technologies, including radio access, the core transport network, and service capabilities – including work on codecs, security, quality of service, and thus provides complete system specifications.

marin@5g.security | Website | Other articles

Marin Ivezic is a Partner at PwC (PricewaterhouseCoppers) specializing in risks of emerging technologies. He leads PwC’s global 5G cybersecurity efforts. He also leads cybersecurity for the Telecommunications, Media & Technology sector; and Industrial, IoT, Critical Infrastructure & Cyber-Kinetic security capabilities in the region. All these focus areas are being transformed with the emergence of 5G. Marin worked with critical infrastructure protection organizations in a dozen countries, 20+ of the top 100 telecom companies, and a number of technology companies on understanding the geopolitics of 5G; uncovering as-yet-unknown security and privacy risks of 5G, AI and IoT; and defining novel security and privacy approaches to address emerging technology risks.

luka@5g.security | Website | Other articles

Luka Ivezic is an independent consultant and author exploring geopolitical and socioeconomic implications of emerging technologies such as 5G, Artificial Intelligence (AI) and Internet of Things (IoT). To better observe policy discussions and societal attitudes towards early adoptions of emerging technologies, Luka spent last five years living between US, UK, Denmark, Singapore, Japan and Canada. This has given him a unique perspective on how emerging technologies shape different societies, and how different cultures determine technological development.