With 5G set to be integrated into the cloud environment, organizations should follow the best practices to prevent any attacks launched by threat actors.
With speed and a seamless experience taking priority among businesses and customers alike, 5G networks are something that all organizations are after. With cloud computing responsible for today’s digital transformation, it will play a crucial role in the utilization as well as the success of 5G networks. However, adoption of the latest technology brings security concerns with it, and 5G’s use of the cloud is no different. Therefore, the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Agency (CISA) have released the first part of their four-part series titled Security Guidance for 5G Cloud Infrastructures.
The first part of the series focuses on preventing and detecting lateral movement, which is recommended for service providers and system integrators involved in the development and configuration of 5G cloud infrastructures. It revolves around the concept of zero-trust.
Cloud environments have various entry points and vulnerable interfaces, including APIs, software, and networks, through which threat actors could attempt to compromise them. Hence, the CISA/NSA guidance for 5G cloud environments focuses on perimeter protection and secure internal controls coupled with sufficient security logging, automation and monitoring.
Here are five takeaways for security professionals from the guidance series:
- Implementing identity and access management
Irrespective of the computer model deployed, organizations should have the necessary security practices in place to mitigate vulnerabilities and lateral movement in the 5G cloud environment. From the perspective of identity and access management (IAM), organizations should put fundamental security measures and practices such as least permissive access control, robust authentication, unique identities, and multi-factor authentication in place. These should be used to implement mutual transport layer security (mTLS) and certificate pinning to authenticate the certificate holder’s identity. Additionally, the guide recommends that anomalies be identified at their earliest stage and that auto-remediation capabilities be implemented where feasible.
- Continually updating the 5G software
The range of software in place, including the open-source and proprietary software that provides vital services to 5G cloud customers, increases the complexity of cloud environments. Therefore, 5G cloud providers should incorporate robust software development practices such as NIST’s Secure Software Development Framework, along with mature vulnerability management programs and operations.
- Securing the 5G configuration
The implementation of network security in the cloud environment can vary since it has a range of layers, including virtual private clouds (VPCs), pods, containers and hosts. The CISA/NSA guide recommends grouping resources depending on their sensitivity and limiting the blast radius via micro-segmentation. Another way to secure the 5G cloud environment is by isolating communications and network configurations. Organizations should use cloud-native capabilities such as network access control lists and firewall rules to constrain network paths. This will ensure that even if a single VPC or subnet is compromised, the others remain intact.
- Monitoring and detecting lateral movement
Having preventive controls in place is crucial for the security of the 5G cloud environment. However, they would not matter if malicious actors gain access to the 5G cloud providers' environments while the providers remain oblivious to them. Since credential compromises and infrastructure vulnerabilities are on the rise, CISOs should have proper monitoring, alerting, detection, and remediation capabilities in place when such vulnerabilities occur. This involves activities such as monitoring for abnormalities in user behavior and suspicious network traffic behaviors.
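
An added example (not from the CISA/NSA guidance or this article) tying the micro-segmentation and lateral-movement monitoring takeaways together: it computes the blast radius of a compromised segment from a segmentation policy and flags flow records that fall outside that policy. The segment names, allow rules and flow records are constructed for illustration, and flows are assumed to be already mapped from IP addresses to segments.

```python
from collections import deque

# Constructed policy: allowed (source segment, destination segment, port).
# Anything not listed is meant to be denied by NACLs / firewall rules.
ALLOW = {
    ("edge", "app", 443),
    ("app", "core-db", 5432),
    ("mgmt", "app", 22),
}

# Constructed flow records, already mapped from IP addresses to segments.
FLOWS = [
    {"src": "edge", "dst": "app", "port": 443, "accepted": True},
    {"src": "app", "dst": "core-db", "port": 5432, "accepted": True},
    {"src": "edge", "dst": "core-db", "port": 5432, "accepted": False},
    {"src": "app", "dst": "mgmt", "port": 22, "accepted": True},
]

def blast_radius(start, allow=ALLOW):
    """Segments an intruder in `start` can reach by chaining allowed paths."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for src, dst, _port in allow:
            if src == cur and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

def policy_violations(flows, allow=ALLOW):
    """Cross-segment flows outside the policy, labelled by what they indicate."""
    findings = []
    for f in flows:
        if f["src"] == f["dst"] or (f["src"], f["dst"], f["port"]) in allow:
            continue
        # Accepted traffic outside policy means the deployed rules are looser
        # than intended; rejected traffic is a probe the controls stopped.
        kind = "policy-drift" if f["accepted"] else "blocked-attempt"
        findings.append({**f, "kind": kind})
    return findings

if __name__ == "__main__":
    for seg in ("edge", "app", "mgmt", "core-db"):
        print(seg, "->", sorted(blast_radius(seg)))
    for finding in policy_violations(FLOWS):
        print(finding)
```

In this constructed policy the edge segment has no direct rule to the database, yet its blast radius still includes it through the app segment, which is the kind of transitive path a segmentation review should surface.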