The UK’s National Cyber Security Centre (NCSC) has argued for the creation of a National Telecoms Lab so British researchers can do ‘hands on’ testing of network security.
The burden of supporting this interest, research and investigation cannot reasonably be placed on the operators themselves; their lab environments are primarily dedicated to enhancing the performance of their own networks.
Hence… the NCSC recommends building a ‘National Telecoms Lab’; a single location housing representative, operational examples of each of the UK’s critical next-generation telecoms networks. The lab will be a bookable, accessible research facility, allowing teams from academia, SMEs, critical industries and government to research, test and learn about security on the UK’s telecoms networks. The lab will also be a secure facility, protecting the UK operator’s IP and network information, as well as any vulnerabilities found by researchers.
The recommendation is stated in the recently published summary of the NCSC’s security analysis for the UK telecoms sector. Other interesting takeaways from the report include the following.
Signaling Cannot Be Trusted
Traditionally, and to a degree currently, telecoms standards have been built on an assumption that all signalling from other telecoms networks can be trusted. However, that assumption is no longer valid as these international networks can be exploited by attackers to conduct attacks. Operators must today consider that any inbound signalling may be malicious and treat it appropriately.
At least one network has been knocked offline by a signaling message it could not handle.
…within the last five years a major telecoms network was accidentally remotely disabled for a number of hours due to the failure of a critical core node to process an unusual, internationally-routed signalling message. While this failure was an accident, it highlights a potential vulnerability that could be intentionally abused unless mitigated.
Signaling vulnerabilities are exploited in order to breach data.
…signalling networks have been shown to allow the leaking of subscriber and network data, sometimes in support of criminal activity.
Operators Take Risks by Using the Same Laptops for Network Administration and Web Browsing
Historic management of telecoms networks has relied heavily upon standard corporate devices ‘doubling up’ as administrative workstations. Consequently, the laptops that perform standard ‘office’ type functionality such as email, web access and productivity tool use are also defining the operation of the network. This can lead to several ‘commodity’ classes of attack being performed with relative ease on administrative users and these can achieve a significant impact.
Network Virtualization Could Improve Security
The successful exploitation of the virtualisation’s fabric, orchestration, and management functions could enable an attacker to influence and control the entire virtualisation fabric, including all hosts and virtual workloads, potentially achieving a total compromise of the network. Consequently, the orchestration and management functions must be locked down to prevent malicious access from compromised hosts.
However, while network virtualisation presents risk, it also allows advanced and flexible network protections. For this reason, a well-built virtualised network can be more secure and resilient than an equivalent network built on dedicated hardware.
Trojans Are Less Worrying Than Becoming Dependent on Huawei
Some current security concerns revolve around the creation of back doors within telecoms systems, but this threat may be exaggerated.
…embedding trojan functionality remains a costly and complex attack. Any covert changes require a deep understanding of the equipment and the undetected modification of code or build chains. Any intentional malicious change is performed while shouldering significant business and reputational risks should it be discovered.
Ignoring the current political debate about limiting the 5G equipment purchased from Huawei, the report writers highlighted that UK telcos may be placing too much reliance on the Chinese supplier.
Without government intervention, the NCSC considers there to be a realistic likelihood that due to commercial factors the UK would become ‘nationally dependent’ on Huawei within three years.
The NCSC report covers a lot of familiar ground and suffers from being too even-handed at times. We all know that there are risks which are serious but that these risks can be exaggerated; what we want is to know how seriously to take them. However, the report is well worth a quick read, even if you do not work in the UK. It provides a good overview of the telecoms security risk universe that covers both technical and strategic considerations.
You will find the summary of the NCSC’s UK telecoms security analysis by looking here.