The UK telecoms security bill: A signal of change in the global 5G industry?

Following the introduction of the Telecommunications Security Bill in the United Kingdom, the stakes for security compliance have never been greater. As Jimmy Jones, telecoms cyber security expert at Positive Technologies says, many have focused on the complete ban on Huawei’s involvement in the UK’s 5G network, which is a major aspect.

However, the situation with Huawei has been front and centre for some time, thus it may be a moot point as the exclusion of their equipment has potentially been accounted for in 5G network planning. In truth, the more important details that operators should be focused on are the heightened security responsibilities they now face.

EU and US security theme

While the UK is the first to move towards legislation, it is only following the theme of others, such as the European Union and the United States. The intention to increase and quantify security in telecom networks is palpable across the globe.

Following a 5G conference in Prague in 2019 that was attended by 32 countries, the EU unveiled their EU Toolkit, which was designed to give member nations a set of measures to alleviate the risks that 5G networks present. Shortly thereafter, the US Cybersecurity and Infrastructure Security Agency presented a strategy document of their own.

Now the UK has taken things one step further by enshrining these powers in law and putting the onus on telecoms operators, with fines of £100,000 (€ 110,690) a day or 10% of revenue for non-compliance. High security standards will now be government mandated and paramount, a change for the industry from setting their own standards of security gaps. This legislation represents the logical next steps of the previously published regulatory documentation; therefore, it’s likely these principles will be replicated globally.

Security in 5G networks

It’s critical that security is delivered in 5G networks due to the huge increase in connectivity it ushers in. More connectivity means more varied services and more devices relying on network resilience, and the wider the impact if security is compromised. 5G must also address pre-existing threats. Most 5G networks will actually consist of an existing 4G network core, with 5G just present in the radio access edge. These hybrid networks, known as Non-Standalone will be with us for the foreseeable future.

With a majority of operators relying on already established 4G networks as a building block for their 5G networks, this leaves them open to the same vulnerabilities as the previous generation that hackers have been exploiting. This includes intercepting calls and SMS messages, tracking users locations, and more. We have seen firsthand in the media, with Circles and later the events spotlighted by IBM the impact these treats pose not just to operators, but for consumers as well.

Our recent research showed that 100% of 4G networks are also susceptible to Denial of Service attacks. This can affect millions of legacy devices and older networks globally, which is grave as these cannot be suddenly switched off so will coexist with their newer 5G counterparts for years to come. Thus, as operators work towards building out exponentially more complex and expansive networks while delivering security in 5G, they must also find the resources to secure older network generation architecture, with this audited and monitored as part of the new legal framework.

Supply chain changes

The telecom supply chain itself is also going to dramatically change, requiring additional scrutiny and protection. So-called high risk vendors had already been banned from the core of networks, but that will now be applied to its entirety.

The legislation pushes to diversify even further to create a far richer and diverse pool of vendors. Removing the expertise and experience of Huawei and replacing it with new entrants is a noble goal, but some say this will slow the 5G rollout. Which could potentially hamper new technology adoption (IoT) and the advantages to the economy that that brings, while possibly also adding expense.

Jimmy Jones

This is addressed most obviously by the Open Radio Access Networks (RAN) initiative, which has the concept of creating telecoms infrastructure that can seamlessly integrate different vendors together. The UK’s decision to create the SmartRAN Open Network Innovation Centre and the support of the NeutrORAN project with NEC is their direct attempt to help this process by creating opportunities and driving innovation for new vendors to enter the market and help operators abide by the new regulations.

The UK should be applauded for the ambition shown in this legislation, and it represents a blueprint for nations everywhere in integrating the shared consensus of security ideas into law. In the 5G era, everybody from the telecom operators, vendors, Internet of Things (IoT) suppliers all the way to the end consumers need to prioritise security more than ever before to counter the growing threat landscape. This is just the beginning.

The author is Jimmy Jones, telecoms cyber security expert at Positive Technologies.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Amplify the off-road audio experience with the all-in-one Tread Audio System from Garmin

Posted on: August 8, 2022

Olathe, United States. 04 August, 2022 – Garmin International Inc., a unit of Garmin Ltd., announced the all-in-one Tread Audio System with LED controller featuring audio sources for AM/FM, AUX and Bluetooth technology. Designed to withstand the rigors of any off-road adventure, this rugged, high-performance stereo system brings music, lights and fun to any powersports ride using the audio box

Read more

Amazon and iRobot sign an agreement for Amazon to acquire iRobot for $61 per share

Posted on: August 8, 2022

Seattle and Bedford, Mass., 5 August 2022 – Amazon and iRobot announced that they have entered into a definitive merger agreement under which Amazon will acquire iRobot. iRobot has a history of making customers’ lives easier with innovative cleaning products for the home. iRobot has continued to innovate with every product generation, solving hard problems to help

Read more
FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox