In the session on the regulatory and cybersecurity challenges of 5G, Henrik Berndt, Vice Chair for Europe, Middle East, Africa, WWRF, said that there are three Qs that need to be addressed for 5G. They are:
1) How can the new security challenges and requirements can be met in 5G?
2) How fast are regulators willing to ensure necessary framework exists for the success of 5G?
3) User privacy and using cross-border evidence and what it means for data privacy?
Samiran Gupta, Head of India, Internet Consortium for Assigned Names and Numbers (ICANN), said that ICANN co-ordinates the unique identifiers for the Internet. We see 5G as an important step forward in the telecom space. It is a network of networks. The Internet has increasingly become mobile. It also includes M2M communications.
In 2018, ITU had a paper on setting the scene for 5G. Some of these challenges are deployment of small cells, cost for attaching small cell sites, high cost of network equipment, spectrum allocation, etc. We have had an issue in Korea where there was simultaneous 4G and 5G network play on the handsets. 5G and IoT have also posed unintended challenges.
There is a case for one unified Internet — the Internet has 4.5 billion users. There may be a future where there is no longer the case. The IETF is working on quick transport protocols. Till that happens, we want to ensure there is no disruption to any transport protocol. 5G has two unintended challenges. One, network slicing. It could end up changing the way the Internet works. It could become a major challenge if another identifier system is put in place. Each app could even have an Internet of its own! These could also pose security challenges.
With 5G, phone numbers may not be relevant. Will there be new identifiers? The E.164 numbers are used within the cellular networks. They have also used IMSI or international mobile subscriber identity. There is no need for a new numbering system. However, within IoT, there could be a case for a new numbering system. These can easily create unintended challenges.
Narendra Nath, Joint Secretary, NIC, GoI, felt that cybersecurity challenges in 5G networks are there. In the UK, they came out with guidelines for consumer IoT. There will be a big jump in IoT devices with 5G. There may not be retrofitting of the IoT devices, which can be a challenge. We need to classify IoT devices and have the minimum security requirements in place. With 5G, there will be some disaggregation in applications. Is the security level mature for these? The general security aspects are quite common worldwide.
Debabrata Nayak, Chief Security Officer, Huawei, said that many of the security areas have been addressed in 5G. Network slicing is set to be the biggest benefit for apps. We can take appropriate measures.
5G threat agents
Samant Khajuria, Senior Specialist, Cybersecurity, Terma A/S, said that the defense has been looking at 5G for a very long time. We want to put sensors in homes, factories, and everywhere, to protect against cyber attacks. We need to ask and find out: What is the 5G landscape? Who are the threat agents? What will it take to bring trust and confidence?
There are 5G assets and security properties. E. g. cloud services. My data should be very secure and viewed by authorized personnel. The threat taxonomy is vast. As for threats, there is ransomware, hackers, cyber warfare, etc. E.g., the secret surveillance of Norway’s leaders was detected. Hackers may develop new tools and methods.
P Balaji, Chief Regulatory and Corporate Affairs Officer, Vodafone Idea, said that the march of technology and digital consumption has been massive. 5G will also transform the way businesses are conducted. There will be enhanced mobile broadband, mission-critical communications, and massive IoT, such as connected cars, remote surgery, etc. 5G use cases will span across many industry verticals.
There is a need to create a sustainable investment climate. Network slicing will be needed for critical, priority communications. There are cybersecurity challenges as well, so there is a need to improve standards, technologies, identify risks, etc. We need to protect the network infrastructure and devices, consumers and multi-stakeholders.
Andreas Sommer, Team Leader and Senior Technical Advisor, Project India-EU Co-operation added that there have been a lot of cable thefts, and equipment have also been stolen. Will these change in the 5G era? The European companies don’t even trust these systems. They rather want the private players to come in.