The high speed of 5G can be used against operational technology if the network infrastructure is not secure by design: report
As manufacturers gear up with 5G to tap the power of connectivity everywhere to drive greater speed, safety and efficiency, new threats associated with such campus networks need to be addressed.
In particular, vulnerabilities in critical information infrastructure and operational infrastructure need to be constantly patched. Yet, the downtime needed for such updates can weigh down such ‘smart factories’.
According to a report on industrial IoT risks by Trend Micro Inc, attackers can compromise a core 4G/5G network via several key entry points.
Four ways of attack
Attacker can get into the core network from any of the following pathways:
- Servers hosting core network services: targeting of vulnerabilities and weak passwords in these standard COTS x86 servers
- Virtual machines or containers: these can also be exposed if the latest patches are not applied promptly
- Network infrastructure: appliances are often overlooked during patching cycles
- Base stations: these also contain firmware that need to be updated from time-to-time
Once inside the network, attackers will attempt lateral movement in a bid to intercept and change network packets. By attacking industrial control systems in smart manufacturing environments, attackers could steal sensitive data, sabotage production, or hold organizations to ransom.
The report included 11 proof-of-concept attack scenarios, one of the most potentially damaging of which involved targeting Microsoft Remote Desktop Protocol (RDP) servers. The upgrade to 5G does not automatically protect RDP traffic, so attackers could use this access to download malware and ransomware, or directly hijack industrial control systems.
According to the researchers, RDP v 10.0 is the most secure version and may offer some protections against these attacks, but it may be difficult for organizations to upgrade to this version.
The cybersecurity firm noted that building a mobile network in an enterprise environment involves both the end users as well as various stakeholders, including service providers and integrators. In addition, private 4G/5G networks are large-scale infrastructure and have a long life, so once built, they are difficult to replace or modify.
The report recommends that such smart factories implement “security by default” to identify and mitigate security risks at the design stage. Other recommendations to protect 4G/5G campus networks are:
- VPN or IPSec to protect remote communication channels, including to remote sites and base stations
- Application-layer encryption (HTTPS, MQTTS, LDAPS, encrypted VNC, RDP v10, and secure industrial protocols like S7COMM-Plus)
- EDR, XDR or MDR to monitor attacks and lateral movement inside the campus and the containerized core network
- Proper network segregation with VLAN or SDN
- Prompt patching, where possible, of servers, routers and base stations
- The use of anomaly detection products to cut off unlisted device/SIM card pairs