5G Networks are Worryingly Hackable

upstart writes:

A shift to the cloud is opening the industry up to new attacks:

Prominent tech firms like Microsoft and NEC have recently expressed concerns over the security and perhaps too-rapid adoption, respectively, of critical 5G technologies. Now German security researchers have given some substance to the industry's fears and unease.

At a hacker conference held in the Netherlands last month, Karsten Nohl, founder of Berlin-based Security Research Labs, outlined how his team had breached live 5G networks in a series of "red teaming" exercises-where hackers are hired by a company to test their defenses. In most cases they were able to take control of the network, he says, potentially allowing them to steal customer data or disrupt operations.

The hacks, revealed at the May Contain Hackers 2022 event (a.k.a. MCH2022), were made possible thanks to poorly configured cloud technology, which is playing an increasingly important role in 5G networks. Nohl says many telcos are inexperienced in how to protect such systems, and his team found that operators had failed to apply basic cloud security techniques that could help mitigate hacks.

The push toward Open RAN, virtualization, and "cloudifcation" unlocks more choice and functionality for 5G operators. It has also thrust them into the unfamiliar role of system integrator, suddenly responsible for securing the entire supply chain.

"5G has swept over telcos with all its implications, and nobody seems well prepared," says Nohl. "We are introducing new technology into mobile networks, and those technologies can greatly enhance the security of our mobile networks. Or they can basically destroy any hacking resistance we've built up over the years. People are not aware of those choices."

Read more of this story at SoylentNews.