Interview: Wagner Morais, Cyber Security Consultant at VIVO Brazil
In advance of joining our Security Panel at 5G Latin America 2020, Wagner Morais, Cyber Security Consultant at VIVO Brazil, took some time to discuss the new security threats that are surrounding the emergence of 5G in Latin America, and how the ecosystem can overcome these emerging challenges.
5G Latin America: In your opinion, what are the latest security threats when it comes to 5G in Latin America?
Wagner Morais (WM): The biggest threat to 5G security is to fail to comply with these practices and not to implement continuous supervision mechanisms with regard to security aiming at the integrity of the control and administration plan, as well as the implementation of interconnection supervision mechanisms (IPx). Most threats and fraud start with network interconnections. One thing is certain, the 5G network will inherit all the vulnerabilities of 4G networks, and research indicates that 100% of 5G networks are vulnerable to Denial of Service (dos) attacks. , privacy is another challenge threats like semantic information attacks, time attacks, and border attacks are primarily aimed at subscriber location privacy.
5G Latin America: What are the new threats that are being created by the move to 5G in Latin America?
WM: In addition to the vulnerabilities inherited from the 4G network, we will have the growth of DDos attacks, and the possibility to exploit flaws to track the location of the cell phone and even transmit false emergency alerts.
5G Latin America: Is building infrastructure a cause for concern or an opportunity for new security architecture?
WM: The 5G infrastructure remains the most disruptive technology in recent years, I understand that it is an opportunity to explore this technology and the demand for 5G infrastructure and the incredible benefits offered by this technology have stimulated the investment of the main market participants. The security architecture is a great challenge, as new threats have emerged, and many challenges are to come.
5G Latin America: What are your recommendations for service providers and solution providers to evaporate these security fears?
WM: Investment in infrastructure and partnerships with companies that already have security tools and solutions for networks 4 and 5G with proven positive results and network security because of a greater exposure to attacks and a greater number of potential entry points for attackers. With 5G networks increasingly based on software, the risks associated with important security flaws, such as those resulting from bad software development processes at the suppliers themselves, are gaining importance. Therefore, the need for research and investments in security.
5G Latin America: What difficulties do the likes of IoT and new business verticals present in terms of this security question?
WM: One of the biggest concerns will be with the number of connected IoT devices. Security companies say that by 2020 there will be about 20 billion of these devices. And, no wonder, the number of Internet of Things attacks is increasing because device protection is poor and malware distribution is easily scalable. The company found 800,000 vulnerable devices last year. And, to avoid attacks of great destruction capacity, with threat of interruption of services, operators with 5G will have to develop new threat models more in tune with these realities.
5G Latin America: What are your recommendations for overcoming these challenges?
WM: All good security practices regarding the segregation of the entire control infrastructure, separation (micro / nano segmentation) of resources, reducing possible attack surfaces, as well as policies for hardening and approving equipment from the security point of view are necessary, 5G security starts “by design”, that is, all components are designed with security bias. In addition, it is necessary to create mechanisms for continuous security auditing in the various plans (control, data, administration). Not forgetting the continuous training and awareness of teams working on 5G systems.