Study: 5G poses a security challenge for smart factory environments. Trend Micro Research highlights various proof-of-concept attacks on connected systems in the study “Attacks From 4G/5G Core Networks: Risks of the Industrial IoT in Compromised Campus Network ”.
Trend Micro, one of the world's leading providers of cybersecurity solutions, has published an in-depth study showing new threats to 4G / 5G campus networks. Many of these take advantage of the difficulties organizations face in patching critical OT environments.
Attack scenarios on 5G networks
The study describes several attack scenarios and possible protective measures. The test environment mimics the conditions of a smart factory campus network.
“The manufacturing industry is at the forefront of IIoT implementation and is equipping itself with 5G to be fully networked and to increase speed, security and efficiency. But technological innovations add new threats to the old challenges, ”says Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “As the study shows, many companies are in a bind - they cannot afford the necessary downtime to patch critical system vulnerabilities that could otherwise be exploited. Our studies show protective measures and best practices to secure smart factories today and in the future. "
Gateway for cyber criminals
The study by the Japanese security provider Trend Micro identifies key gateways through which cyber criminals can compromise 4G / 5G core networks:
- Servers hosting core network services: Attacks target weak points and weak passwords in standardized commercial off-the-shelf (COTS) servers based on x86 architectures.
- Virtual machines (VM) or containers: These can also be vulnerable if the latest patches are not applied promptly.
- Network infrastructure: Appliances are often overlooked during patching cycles.
- Base stations: These also contain firmware that needs to be updated from time to time.
As soon as the attacker enters the core network via one of these vulnerabilities, he will try to move laterally in order to intercept and change network packets. By attacking industrial control systems in intelligent manufacturing environments, such as the test environment, cybercriminals could steal sensitive data, sabotage production or blackmail the company.
Remote Desktop Protocol (RDP) most vulnerable
Of the eleven attack scenarios identified, one of the most potentially harmful is an attack on Microsoft Remote Desktop Protocol (RDP) servers, which are widely used by IT and field service technicians. Upgrading to 5G does not automatically protect RDP traffic, so attackers can use this access to download malware and ransomware or to hijack industrial control systems directly. RDP 10.0 is the most secure version and may offer some protection against these attacks. However, even here it can be difficult for companies to upgrade.
The study makes the following recommendations for protecting 4G / 5G campus networks
- VPN or IPSec to protect remote communication channels, also to remote locations and base stations.
- Encryption at the application level (HTTPS, MQTTS, LDAPS, encrypted VNC, RDP version 10.0 and secure industrial protocols such as S7COMM-Plus).
- EDR, XDR or MDR (Detection & Response) for monitoring attacks and lateral movements within the campus and the containerized core network.
- Proper network separation with VLAN or SDN.
- Timely patching of servers, routers and base stations, if possible.
- Anomaly detection products like Trend Micro Mobile Network Security, which detect the campus network and provide a robust way to turn off unknown device / SIM card pairs.
End users as well as various other stakeholders are involved in building a mobile network in a corporate environment. This includes service providers and integrators. In addition, private 4G / 5G networks form a large-scale infrastructure and have a long lifespan. Once set up, they are difficult to replace or modify. For this reason it is important to implement "Security by Default" and in this way to identify and minimize security risks as early as the design phase.
More at Trendmicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.