Menu
5G network slicing could leave flaws for bad actors to exploit

5G network slicing could leave flaws for bad actors to exploit

Missing security-validation steps in network slicing design pose a risk of serious privacy and security breaches

Credit: Dreamstime

5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by AdaptiveMobile Security.

Network slicing is central to realising many of 5G’s more ambitious capabilities because it enables individual access points or base stations to subdivide networks into multiple logical sections—slices—effectively providing entirely separate networks for multiple uses.

The slices can be used for different purposes—say, mobile broadband for end-users and massive IoT connectivity—at the same time, without interfering with each other. Researchers discovered a vulnerability that, if exploited, can enable an attacker on one slice to gain access to data being exchanged on another or, in some circumstances, gain access to the 5G provider’s core network.

One simulated attack described by AdaptiveMobile as a rogue network function belonging to one slice establish a TLS connection to a provider’s network repository function (NRF), a central store of all the 5G network functions in a provider’s network.

The rogue function request access to another slice on the same network, and the NRF checks to see whether the rogue slice is allowed. Because both slices share the same network function, as far as the NRF is concerned, it’s a valid request and a token for the target slice could be generated. This could grant the malicious slice access to a great deal of information on the other slice, including personal data.

According to AdaptiveMobile, this works because the current specification for the network-slicing function doesn’t require “layer matching” between different slices on the same network. Hence, the NRF, when confronted with this malicious request, merely sees an authenticated partner asking for a valid service request, and doesn’t check to see whether the correct slice is the one making that request.

Another potential vulnerability could allow a rogue slice to perform a phantom DoS attack against another slice by manipulating HTTP-based service requests to the NRF and tricking it into thinking that the target slice is overloaded and should not be contacted.

Moreover, a further lack of identity-checking among different users and slices on the same network could allow malicious users to gain access to other data, including critical information on other customers.

The solution isn’t simple because general TLS and IP-layer firewalls don’t have the capability to differentiate which layer is talking to which, according to AdaptiveMobile. The only alternative is enforcing additional validation on communications between different layers and between layers and the NRF to ensure that these potential attacks can’t function.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags network5Gcyber security

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Show Comments