Attacks from 4G/5G Core Networks: Risks of the Industrial IoT in Compromised Campus Networks
5G is projected to have an impact on the future, though its effects are already being felt today. A part of this conversation is the 4G/5G campus network, which is being rolled out in smart factories, remote power stations, harbors, healthcare facilities, and other industries. Previously defined as an interconnection of LANs exclusive to a limited area, a campus network now denotes a cellular communication system that comprises of a core network and multiple base stations.
Campus networks demonstrate the deepening role of telecom technologies in industrial environments. However, aside from highlighting new threats, it also underscores how IT and operational technology (OT) professionals might be lacking the necessary knowledge to mitigate telecom-related threats. To narrow this knowledge gap, we created our own campus network, where we not only simulate potential attack scenarios but also suggest ways to prevent them.
Key Findings
-
The entry points from where attackers can compromise a core network include the server hosting core networking services, a virtual machine (VM) or a container, the network infrastructure, and base stations.
-
Attack scenarios range from scenarios that are already known in the field of IT to attacks that are telecom- specific.
-
Examples of common attacks that we were able simulate are DNS, MQTT, Modbus/TCP hijacking, SIM swapping, and remote desktop attacks. These common attacks stem from the IP network and should be familiar to IT professionals.
-
Cellular-specific attack scenarios that we uncovered include SMS brute-force, fake GTP, and APN-related weaknesses. These are attacks that can only be delivered via a cellular network. IT professionals might also be less familiar with these.
Security Recommendations
-
Use application layer encryption, such as HTTPS, MQTTS, LDAPS, or any well-designed industrial protocol.
-
Rely on proper network segregation, VLAN, and IPsec as valuable defenses for industrial facilities that run campus networks.
-
Apply the latest patches for operating systems, routers, and base stations as soon as they are available to prevent threats from affecting open campus networks.
-
Use VPN or IPsec to help protect remote communication channels, remote sites, and base stations.
Conclusion
More organizations will likely adopt campus networks in the future to meet the evolving demands of the present and keep up with the continuing development of 5G technology. In doing so, they need to be wary of the threats that we discuss as these could freeze operations, expose important information, and lower quality of production, among other consequences.
Read the full research titled “Attacks From 4G/5G Core Networks: Risks of the Industrial IoT in Compromised Campus Networks,” by Trend Micro to find out more about the campus network and its components. The full research also provides an elaboration of the different attack scenarios and their implications.
More about:
5G Applications and Business Use Cases
About the authors
Philippe Z Lin, Charles Perine, Rainer Vosseler, Trend Micro Research
Wen-Ya Lin, Institute of Information Industry
How to Use InfluxDB and PTC ThingWorx for Industrial IoT
One of the biggest challenges of implementing a digital transformation program is integrating with legacy systems for data collection. Another major challenge is presented in storing and utilizing that data to extract business value. In this article, you will learn about
At the Forefront of Innovation: Dr. Köckler’s Take on Hannover Messe’s Global Impact
In an ever-evolving industrial landscape, Hannover Messe stands out as the beacon of progress, where industry professionals converge to push the boundaries of innovation. This is the premise Dr. Jochen Köckler, Chairman of the Managing Board, Deutsche Messe AG, underlines
May 2024 Industrial IoT & ICS Cybersecurity Events
Welcome to the May 2024 roundup of IIoT and ICS cybersecurity events. This month promises an array of conferences, summits, and expos dedicated to exploring the latest advancements, challenges, and best practices in securing critical infrastructure and advancing industrial connectivity.