AdaptiveMobile Security has announced a trio of interconnected 5G security platforms that allows carriers to protect against internal and external security threats to their 5G infrastructure. This is the first unified 5G network security offering, bringing together a combination of cybersecurity capabilities that operate in unison to secure 5G networks, slices, vertical APIs, and subscribers.
Increasingly sophisticated attacks are likely to target 5G networks and security for such networks is an order of magnitude more complex than any previous mobile technologies. The attack surface is bigger, telecom and internet protocols are converging, and the attacker tools are more widely available. 5G networks must therefore be secured at the interconnects with external networks and systems deployed to prevent nation state adversaries and criminal organizations using other perceived ‘trusted’ networks to execute missions against an operator’s 5G infrastructure. The networks need to be protected internally from rogue slices compromised by threat actors and new application APIs exposed by 5G networks must be secured to avoid creating new attack vectors.
AdaptiveMobile Security’s latest 5G network security portfolio encompasses Enhanced Security Edge Protection Proxy (eSEPP) to secure both interconnected network and other network infrastructure in a mixed 4G/5G network deployment; Enhanced Service Communication Proxy (eSCP) to enforce security zones inside the core network; and the AdaptiveMobile Security Vertical API Protector, which secures the Northbound interface by verifying signalling and control communications in order to protect 5G network APIs from threat actors.
“As it currently stands, we do not appear to have learned the security lessons from 3G and 4G. Security in 5G networks is not built-in as promised and major vulnerabilities have been exposed even before the technology has been deployed,” said Brian Collins, CEO, AdaptiveMobile Security. “5G network core technologies will be fundamentally insecure, and operators face having to protect their networks from both existing and emerging threats. Attackers already have access to the tools and techniques that are known to be effective, exploiting the IT protocols on which 5G architectures are built. Trust is not a security or a business strategy – governments, regulators, mobile operators, and network equipment vendors must all step up and secure the critical infrastructure of 5G networks. Nation-states and cyber-criminal adversaries will take advantage of any security gaps in mobile networks with catastrophic consequences for nations, networks, enterprises and subscribers.”