The UK telecoms security bill: A signal of change in the global 5G industry?

Following the introduction of the Telecommunications Security Bill in the United Kingdom, the stakes for security compliance have never been greater. As Jimmy Jones, telecoms cyber security expert at Positive Technologies says, many have focused on the complete ban on Huawei’s involvement in the UK’s 5G network, which is a major aspect.

However, the situation with Huawei has been front and centre for some time, thus it may be a moot point as the exclusion of their equipment has potentially been accounted for in 5G network planning. In truth, the more important details that operators should be focused on are the heightened security responsibilities they now face.

EU and US security theme

While the UK is the first to move towards legislation, it is only following the theme of others, such as the European Union and the United States. The intention to increase and quantify security in telecom networks is palpable across the globe.

Following a 5G conference in Prague in 2019 that was attended by 32 countries, the EU unveiled their EU Toolkit, which was designed to give member nations a set of measures to alleviate the risks that 5G networks present. Shortly thereafter, the US Cybersecurity and Infrastructure Security Agency presented a strategy document of their own.

Now the UK has taken things one step further by enshrining these powers in law and putting the onus on telecoms operators, with fines of £100,000 (€ 110,690) a day or 10% of revenue for non-compliance. High security standards will now be government mandated and paramount, a change for the industry from setting their own standards of security gaps. This legislation represents the logical next steps of the previously published regulatory documentation; therefore, it’s likely these principles will be replicated globally.

Security in 5G networks

It’s critical that security is delivered in 5G networks due to the huge increase in connectivity it ushers in. More connectivity means more varied services and more devices relying on network resilience, and the wider the impact if security is compromised. 5G must also address pre-existing threats. Most 5G networks will actually consist of an existing 4G network core, with 5G just present in the radio access edge. These hybrid networks, known as Non-Standalone will be with us for the foreseeable future.

With a majority of operators relying on already established 4G networks as a building block for their 5G networks, this leaves them open to the same vulnerabilities as the previous generation that hackers have been exploiting. This includes intercepting calls and SMS messages, tracking users locations, and more. We have seen firsthand in the media, with Circles and later the events spotlighted by IBM the impact these treats pose not just to operators, but for consumers as well.

Our recent research showed that 100% of 4G networks are also susceptible to Denial of Service attacks. This can affect millions of legacy devices and older networks globally, which is grave as these cannot be suddenly switched off so will coexist with their newer 5G counterparts for years to come. Thus, as operators work towards building out exponentially more complex and expansive networks while delivering security in 5G, they must also find the resources to secure older network generation architecture, with this audited and monitored as part of the new legal framework.

Supply chain changes

The telecom supply chain itself is also going to dramatically change, requiring additional scrutiny and protection. So-called high risk vendors had already been banned from the core of networks, but that will now be applied to its entirety.

The legislation pushes to diversify even further to create a far richer and diverse pool of vendors. Removing the expertise and experience of Huawei and replacing it with new entrants is a noble goal, but some say this will slow the 5G rollout. Which could potentially hamper new technology adoption (IoT) and the advantages to the economy that that brings, while possibly also adding expense.

Jimmy Jones

This is addressed most obviously by the Open Radio Access Networks (RAN) initiative, which has the concept of creating telecoms infrastructure that can seamlessly integrate different vendors together. The UK’s decision to create the SmartRAN Open Network Innovation Centre and the support of the NeutrORAN project with NEC is their direct attempt to help this process by creating opportunities and driving innovation for new vendors to enter the market and help operators abide by the new regulations.

The UK should be applauded for the ambition shown in this legislation, and it represents a blueprint for nations everywhere in integrating the shared consensus of security ideas into law. In the 5G era, everybody from the telecom operators, vendors, Internet of Things (IoT) suppliers all the way to the end consumers need to prioritise security more than ever before to counter the growing threat landscape. This is just the beginning.

The author is Jimmy Jones, telecoms cyber security expert at Positive Technologies.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Sign-Up For Your Premier One-Stop Guide to the EV Landscape in 2022

Posted on: December 1, 2022

The race is on to establish the market leaders across various verticals in the Electric Vehicle industry, including the vehicles themselves, charging stations, third-party service providers, and the supporting infrastructure. This in-depth EV market guide and report by IoT Now explores all these trends to help determine the roadmap for the current state as well

Read more

Axiomtek launches compact DIN-rail IIOT gateway for data driven energy

Posted on: November 30, 2022

Axiomtek, a world-renowned specialist relentlessly devoted in the research, development, and manufacture of series of innovative and reliable industrial computer products of high efficiency is pleased to announce the ICO120-E3350, an extremely compact industrial IoT gateway powered by the Intel Celeron processor N3350 (codename: Apollo Lake-M). The ruggedised designs feature fanless operation, -40°C to 70°C

Read more
FEATURED IoT STORIES

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more