Cybersecurity: Need for new generation of services

It has become more common these days to hear about the latest security breach or denial of service (DOS) attack, which highlights the many challenges businesses face as they look to curb an increasing number of attacks passing through their IT networks.
In the telecom sector, the move towards IP-based networks has been a key success factor for mobile broadband, although this crucial move hasn’t necessarily thwarted the increasing threat of attacks on mobile networks.
Our vision of the Networked Society is that when everything becomes connected, society, industries and people will be affected in various ways. The recent Ericsson Mobility Report estimates that the global number of connected Internet of Things (IoT) devices will surpass the number of mobile phones by 2018. This means that digital opportunities and cybersecurity challenges will expand beyond human connectivity.
Every new connected device requires holistic security thinking spanning new business models, technologies, standards and regulations. The traditional principles of risk and security management, such as check-box compliance and access control, are being challenged.
Mobile network security is rapidly becoming a critical issue for operators as they transform their cellular networks to 4G/LTE – and even 5G – while adding small cells and Wi-Fi access to boost capacity and increase coverage.
Interestingly, 5G enables more IoT use cases with vastly diverse requirements, some of which support machine-to-machine (M2M) communications with ultra-reliable connectivity. Other use cases are optimised to enable long battery life and very low cost. Essentially, these requirements call for a new generation of services with a new set of cybersecurity challenges.
An all-IP network and Wi-Fi access from untrusted public hotspots and access points expose every mobile network to new threats that can impact service and compromise security.
As wireless networks and ICT infrastructure continue to expand and become increasingly mission-critical for large industry and society, it’s imperative that mobile operators protect their infrastructure – when operators want to offer new cloud services that connect to networks other than their own, a whole range of new security risks must be addressed.
With more data residing in the cloud, traditional perimeter protection will no longer be enough. When data flows across organisational boundaries and nations, it must be protected at all stages; when it is generated, stored, transmitted and used. This must be done over both trusted and untrusted infrastructure.
By devising a security strategy that segments the access networks (cellular and Wi-Fi) from the core network, using an enhanced security gateway ensures that mobile operators can better protect themselves and their users from hacking and unwanted attacks.
Secure gateways support various tunnelling authentication and encapsulation methods, integrated firewalls, as well as high availability and network resiliency. Secure gateways must provide encryption functions with the scale that’s needed to support both new access connections from small cells and Wi-Fi access points, and private network connections to enterprise and cloud networks.
The bottom line is that although mobile networks are open to attacks, channel jamming and message forgery, modern security features are able to prevent intrusion by integrating a security architecture that provides authentication, confidentiality and integrity.
Important to note is that although modern 3G and 4G/LTE network infrastructure provide good security features, there are always new security issues that arise. It is therefore prudent for operators to investigate, improve and roll out measures that add new security layers capable of meeting the demands of the next generation of mobile network infrastructure.

Chafic Traboulsi,
Head of Ericsson Networks,
Middle East and Africa

 

Leave a Reply