The military sees 5G as the future that, if not adopted quickly, will harm our national security and industrial supremacy. However, what are the evolved security challenges that the department of defense must prepare for to accommodate this shift? Scott Aken, the CEO of Axellio, explores new risks and how the military seeks to manage them.
The department of defense (DoD) anticipates 5G transforming supply chain, logistics, and battlefield applications. 5G is vital to realizing the US DoD Joint All Domain Command and Control (JADC2) program’s objective because it is the first wireless end-to-end solution that considers the whole communication supply chain from end-devices to cloud computing. JADC2 unites applications and sensors from all military services into one network to share information for faster reaction, more efficient communication, and cost savings. Because current networks cannot adequately solve this issue, 5G offers a chance to address the DoD’s concerns that current Command and Control initiatives are too narrowly defined, complex, and siloed.
5G can connect a wide variety of endpoints, from mobile phones to sensors and control devices (IoT and MIoT) and vehicle connectivity. 5G provides special military-friendly features, unlike 3G and 4G. Its high-speed/high-bandwidth capabilities are a perfect fit for battlefield imagery reconnaissance. Its low-latency communication means it ensures the delivery of time-sensitive data, such as the control of robotic devices. 5G is also less likely for adversaries to detect the 5G communications from afar since it has a shorter reach.Â
5G Changes Everything for Military Communications
While 5G uses much of the 4G network infrastructure, it takes a much more thorough approach to delivery and security. In reality, 5G is an end-to-end network that combines numerous sophisticated technologies for quicker, more reliable, and secure transmission. The 3GPP industry group created an end-to-end architecture for virtualized and cloud-based application delivery that blends multiple wireless access services with a multi-layer network strategy.
5G utilizes software-defined networking (SDN) and network functions virtualization (NFV) to virtualize the network transport to provide many levels of security that preclude 4G exploitations. This approach offers the flexibility and security needed to build routing paths using virtualized network services for mobile end-devices connecting with a highly distributed and dynamic application environment.
With 5G, the biggest difficulty is also the greatest strength – more devices, apps, and services are delivered over the same network, offering a larger attack surface. Many of those devices are non-conventional endpoints like sensors, military, or IoT devices, making traditional security paradigms like updating operating systems and adding end-point protection impractical.Â
5G addresses those challenges by defining an end-to-end security concept that exceeds any previous wireless access technologies through a multi-layer approach:Â
- All user and control traffic is encrypted, even the initial authentication, avoiding identity tracking or theft. End-device and application can overlay additional end-to-end encryption, providing another layer of application-specific security, which is especially important in military applications.Â
- The impact of DoS attacks is minimized through network slicing, the ability to isolate and split the network into different virtual infrastructures based on services or devices used. This provides the ability to isolate the virtualized infrastructure within each slice, minimizing the effect of a DDoS attack on a small part of the network. Using ML-based anomaly detection, each service is supervised and can be throttled to control the impact of an attack better. Dedicated anti-DoS gateways further isolate and protect different parts of the network.Â
- The most impactful tactic is the application of the Zero Trust approach, the concept that no user, device, application, or data flow is trusted and that any new communication relationships have to be authenticated. This is further enhanced through the requirement of Zero Trust Security, which demands automatic security embedded in every device as part of the device configuration.Â
Risks and Concerns
5G is the best example of end-to-end security incorporated into its specification. This is also its Achilles heel – a more secure but distinct strategy for networking, application delivery, and securing communication. Â
Implementing these 5G networks requires a wide collection of suppliers. It’s challenging due to a lack of standard interfaces and immature technology. Vendor-specific, tailored solutions frequently target specific verticals and use cases. Standard and open-source software are immature.
A new generation of 5G also poses new visibility issues. IT operations departments still struggle to design, maintain, and secure today’s commercial cloud and virtualized infrastructures. The scale and complexity of new 5G networks will not help.
Additionally, massive increases in end devices and traffic will overwhelm today’s networks and security monitoring systems. We also have to consider that manufacturers generally design interconnecting end-devices not initially built for communications networks with experience in the core technology, such as producing drones, but not in implementing wireless communications for swarm computing and analysis.
Vendors, commercial companies, and defense agencies also lack wireless development and operation capabilities, knowledge, and headcount. 5G combines wireless, networking, security, and application infrastructure technologies. In cyber security, demand outstrips supply and education is dispersed.
See More: 5G Security in the Spotlight: Can it Help Sustain Future IoT Applications?
Defending Innovation
These issues can be solved, but they may take years or decades. In the interim, when 5G wireless networks are deployed, these challenges must be addressed to enable a secure connection. The government, especially defense initiatives, pushes disparate organizations to work together by supporting R&D and fostering cooperation. We must avoid constructing vertical solutions that solely handle communications problems in one location, negating the goal of a uniting network.
5G draws on prior wireless, networking, and application delivery technology experiences and failures, but to adequately defend 5G networks, providers must make those concepts real, maintain interoperability, and cooperate across vendors and economies, especially for military users.Â
Especially in the early stages of the 5G roll-out, it is essential to avoid compromises of the infrastructure. As many new devices are introduced into the network, they often lack the complete security protection envisioned in 5G. Relying on end devices and perimeter defense is therefore insufficient. Building more network traffic visibility and monitoring for in-depth real-time and historical security analysis is essential.Â
Network detection and response (NDR) solutions have been increasing visibility by monitoring traffic across the network and all end devices – whether secured or not. This approach also extends visibility into adjacent activities by the threat actors that may be missed through conventional means of perimeter and end-point defense solutions. Being able to capture this traffic allows for deeper and repeated analysis and even to validate the mitigations put in place.
How are you managing security risks with network evolution? Tell us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to know!