8th Annual Control Systems Cybersecurity Europe Cyber Senate 8th Annual Control Systems Cybersecurity Europe Cyber Senate

The 5G threat landscape


Philip Marsden
NCC Group, Senior Security Consultant, Telecommunications Practice

Philip has worked in the security business for over 20 years, in a number of different areas from crypto design and development, red/blue teaming, to pen-testing and security consultancy. Philip has hands-on experience and knowledge of 2G, 3G, 4G and 5G network architectures, components and systems, and is familiar with the various attack scenarios leveraged by adversaries. He is currently heading up the emerging telecommunications practice at NCC Group.

NCC Group is a global cyber security business operating across multiple sectors, geographies and technologies. We are experts in finding and exploiting vulnerabilities and use this to help businesses to identify, assess, mitigate and respond to the risks we all face so they become resilient and able to operate. Through our extensive network of security consultants, we have the technical expertise to fulfil our customers' cyber security requirements. NCC group works closely with mobile vendors, equipment suppliers and regulators to secure end-to-end mobile communications across different platforms around the world. 

While the move to 5G mobile deployments presents a wealth of opportunities and capabilities for us all, the technology also introduces new vulnerabilities and threats. There are three main threat vectors across the various 5G domains and within these are sub-threats that describe additional points of vulnerability for threat actors to exploit. While not all inclusive, these types of threats have the potential to increase risk to a particular mobile operator as they transitions to 5G. The Policy and Standards, securing the Supply Chain and finally the 5G systems architecture itself all have various vulnerabilities associated with them and are the foundation for securing the 5G future infrastructure. These threats could be cascaded by attackers to further leverage access to your 5G network and compromise hosts or the endpoint user devices be it a IoT device, a handset or a connected vehicle. This overview will attempt to show these threats and specific issues that might pose a risk to IoT/Control system devices and highlight how to mitigate these.