French President Macron sues billboard owner for depicting him as Hitler    Ever Given, the ship that blocked Suez Canal, makes it to port    Bahrain court jails bank officials for money laundering    Saudi Arabia opens doors for vaccinated tourists from Aug. 1    Economy minister: Opportunities will exceed $3 trillion within 5 years    Prince Abdulaziz: Saudi Arabia will be engine for digital transformation in energy sector    'Infuriating': British expats in France slam UK's quarantine decision    King Hamad meets Qureshi, hails historic Bahrain-Pakistan relations    Surgery to separate girl from parasitic twin successful, says Al-Rabeeah    Bu Arish sets his new record with 55th rank in men's 100m butterfly    Two planes carrying Saudi COVID-19 medical aid arrives in Malaysia    Simone Biles says fans' support helping her realize she's more than gold medals    Hidilyn Diaz wins Philippines' first Olympic gold medal with weightlifting    Saudi exports jump 120% to SR82.2 billion in May    UAE government starts granting 'golden' visas to resident doctors    Naomi Osaka bounced out of Tokyo Olympics    Progress on tobacco fight, but new nicotine products pose increasing threat    KAMC in Makkah performs 6th artificial heart transplant surgery    Clubhouse says no data breach after reports of 3.8bn phone numbers of users being sold    Custodian of the Two Holy Mosques Directs KSrelief to Urgently Provide Malaysia with Medical, Preventive Equipment and Supplies to Address COVID-19 Pandemic    Weather Forecast for Sunday    Custodian of the Two Holy Mosques Congratulates President of Maldives on Independence Day    RSNF Commander Patronizes Ceremonial Launching of His Majesty's Ship "Jazan"    OIC Condemns Houthi Attempts to Target Civilians in Saudi Arabia    Kuwait Records 987 New Infections of Coronavirus    Philippines evacuates thousands as monsoon rains flood cities, provinces    Heavy rain in India triggers floods, landslides; at least 125 dead    Without Fans, Tokyo Olympics Kicked Off    Pilgrims Perform Dhuhr and Asr Prayers at Arafat Holy Site    Dr. Mohammed Sulaiman Al-Jasser, Saudi Arabia's Pick to Chair IsDB Group for the next five years, unanimously approved by BoG Committee of Procedures    Britney Spears says she won't perform while under father conservatorship    Saudi Press: Fitch affirms Saudi Credit Rating at "A" with a revised outlook to stable from negative    Handled Cargo at Saudi Ports Increases during June 2021    SDAIA, DARP & STC Launch Pilgrim's Smart Bracelet (NUSK)    Tabuk sculptor spends 8 years in carving entire Holy Qur'an on 30 marble slabs    2 Goals by Diaz Gives Colombia 3rd Place at Copa America    Yusuf Khan is dead, long live Dilip Kumar    Legendary actor Dilip Kumar, 98, passes away, and with him an era    Saudi Cinema Night at Arab World Institute in Paris Kicks Off    KSU Leads Joint International Scientific Project for Early Detection of Breast Cancer    Saudi Arabia to Participate in Cannes Film Festival 2021    Arab Cup U-17 Championship Draw Saudi Arabia, Morocco, Palestine, Kuwait, in the 1st Group    Bollywood star Aamir and wife Kiran separate after 15 years    AWI Hosts Saudi Cinema Nights in Paris    Saudi Uner-20 Football National Team Beats Egyptian Counterpart to Qualify for Arab Youth Cup Championships' Final    Council of Senior Scholars: Muslim Brothers' Group Don't Represent Method of Islam, rather only Follows its Partisan Objectives, Violating our Graceful Religion    Eid Al-Adha Prayer Performed at the Grand Holy Mosque    Pilgrims Perform Dhuhr and Asr Prayers in Arafat Holy Site    

Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.

stc, Nokia join forces to raise security awareness in telecom industry
Published in The Saudi Gazette on 18 - 06 - 2021

5G is more than a radio access technology. It is a new architecture with far greater agility in all domains. The capacity, latency, agility, reliability, and speeds offered by this technology makes it applicable to Communication Service Providers and all industry verticals. The future vision for 5G and IoT is not just about connecting individual devices; it is an enabling technology in the 4th Industrial revolution that will deliver societal change.
5G will underpin several critical use cases, from industrial automation, through public safety service to support utilities or connected cars. The understanding of critical infrastructure has evolved in recent years to encompass government networks and data centers, the infrastructure used by providers of basic products and services such as energy, food, raw materials, railways, airports, telecoms, banks, internet exchanges, water utilities, and hospitals. And finally, infrastructure that is critical for high-value enterprises or of key strategic importance for the nation's economy.
Experts from both stc and Nokia joined forces and authored a paper in an attempt to raise security awareness in telecom industry, provide an overview of 5G security implications, and demystify some of the common topics around the subject.
Saudi Arabia is leading in the adoption of 5G technology with coverage planned for almost the entire Kingdom, paving the way to becoming one of the world's leading Digital Economies.
"stc's 5G deployments were carefully designed with security at the core, with the goal of enabling Saudi national digital transformation via secure infrastructure, without which, no digital economy can survive in today's cyber reality. We believe that enriching the industry with what we have learned is vital to the Cybersecurity knowledge library," explained Eng. Yasser N. Alswailem, vice president of cybersecurity at stc.
"Active cooperation between involved stakeholders is vital at national, regional, and international levels to implement resilient and secure digital infrastructure. Our collaboration with stc on this important topic gave us the opportunity to share together our respective views about 5G security implications regarding the assets that need to be protected, the threats and risks that we need to protect against, and most importantly, the most common mitigation steps to minimize those risks," said Khalid Hussain, country senior officer and stc business group head at Nokia.
What is at stake?
Any network security event can have massive implications, especially in 5G because of a broader range of use cases, including mission-critical and public safety services. Imagine a production halt in a smart factory because of network snag or malware bringing down the autonomous vehicle at a standstill. Adopting measures to protect the network needs to be part of network architecture and design.
Right from loss of availability of the communications services, leak of confidential information of the users to loss of network integrity are some of the impacts of security incidents in any network.
The loss of integrity is the third and high-level information security threat. It compromises the integrity of the network and can be used for data leaks or misuse of confidential information and even impacting the availability of the network services.
There are several ways in which high-level attack vectors can harm the network. Radio interface jamming or flooding attacks, types of Denial of Service (DoS) attacks and exploiting flaws in design, implementation or configuration of the network are common ways of network attacks.
Malicious elements can also create and exploit a backdoor within a network. Any flaw or gap in the operational procedure can also add to network vulnerability. It is crucial to remember that while these methods can be used to attack any type of network, the damage of such attacks on the 5G network is much more severe.
What do we need to protect?
Ensuring security for 5G demands a fundamentally different approach. The 5G networks are complex, combining both physical and virtual infrastructure. Further, tighter integration of telecom and IT infrastructure, services, and operations in a 5G network demands a holistic look at 5G security than ever before.
Many traditional network elements of 4G are replaced in 5G by Virtual Network Functions (VNFs) and cloud architectures. 5G delivers the whole network as a Service (NaaS), which is enabled by service-oriented architecture, VNFs, cloud core, and dynamic network orchestration/slicing. 5G network elements, therefore, need to be protected against security incidents at both physical and logical layers.
It must be understood that the criticality of networks and specific network elements should be evaluated based on (potentially disrupted) applications underpinned by those networks. Even a short failure in connectivity in a limited geographic area or an impact on latency requirements for a critical service could result in a deadly consequence (consider disruptions of connected car services). As such, undisrupted access to connectivity becomes as crucial as access to electricity.
Apart from the infrastructure, it needs to be stressed that any compromise of the management systems can also potentially have a massive impact on the overall network. With control over the management systems, attackers with appropriate privileges can shut down the network or access sensitive data.
Protecting against threats
"It is extremely important to be mindful of the cybersecurity risks and to take all appropriate steps to minimize such risks relying on standardized security features and additional solutions available on the market," emphasized eng. Eng. Alswailem of stc.
More broadly and depending on the overall network architecture, a combination of three different mitigation scenarios and frameworks are required. The first is 3GPP-specified security architecture which includes an access-agnostic authentication framework and enhanced subscription privacy and user plane protection, among other features.
In the second category of network security not specified by 3GPP, it is imperative to adopt a holistic, automated security management and orchestration approach. Lastly, robust implementation of the virtualization layer and the overall cloud platform software, among other measures, will help in enhancing the security of the 5G network.
Operators and vendors of the mobile networks industry defined the Security Assurance Methodology (SECAM) in 3GPP standards organization. On this basis, NESAS was developed within the GSMA. Some national cybersecurity authorities are involved in the process as well. NESAS is the most suitably global security assurance scheme, and adopting it brings benefits for operators through the reduced effort for tender with security by default and measurable security.
NESAS also brings uniform security requirements for vendors for network equipment and demonstration of commitment to secure product development and maintenance. Finally, governments benefit from a developed scheme, supported by the industry, introducing basic cybersecurity "hygiene."
"Globally or at least regionally accepted certification schemes are preferred. This will promote innovation and reduce overhead. The GSMA NESAS (Network Equipment Security Assurance Scheme) is a promising scheme that has the potential to become one such global certification scheme using 3GPP standards," said Brahim Ghribi, head of government and policy affairs for the MEA region at Nokia.
As we have embarked on our global journey in Industry 4.0, 5G is the key enabling technology for the future, and along with cloud, AI, and robotics, it will make it possible to interconnect the physical, virtual and biological worlds. These are exciting times, and with this opportunity ahead of us, we must ensure we can keep pace (literally) and leverage the full benefits of 5G, he added.
Network paradigms are shifting, and the 5G network heterogeneous architecture will comprise of multiple access and infrastructure (physical and virtual) technologies that will require special attention from a cybersecurity perspective.

Clic here to read the story from its source.