5G: Until recently, OT (Operational Technology) infrastructures were designed as isolated, shielded environments, disconnected from the corporate network - with the result that cybersecurity has not received much attention.
With the advancement of an ever more networked factory, the Industrial Internet of Things (IIoT) and the latest 5G mobile communications standard, companies can no longer avoid implementing security concepts for their production facilities that are equivalent to those they already do in the classic IT environment. In principle, the integration of new technologies always entails potential security risks.
Private 5G is safe - isn't it?
While public 5G networks provide industry with low-latency and high-performance connectivity, companies have limited ability to control the security and quality of service of the connections. The requirements of real-time applications, for example, which require extended routing functions for the binding enforcement of performance, throughput and latency thresholds, can only be met to a limited extent. In comparison, a 5G campus network offers significantly more control over the data traffic of critical applications, which can be dynamically prioritized according to the respective specifications.
In addition, your own network infrastructure is more secure because the data does not leave the campus and can be optimally protected against attacks through targeted, individually configurable measures. However, perimeter protection models are outdated in a 5G environment – networks based on the new cellular standard are based on distributed software-defined networks and cloud services and have software-defined perimeters with open interfaces.
What vulnerabilities make OT environments vulnerable to hackers?
Production plants or ICS (Industrial Control System) solutions are designed for availability and not for security. This means, for example, that the majority of data traffic is not encrypted, which means that sensitive information is openly accessible on the network. This creates a high risk, for example, with remote access, maintenance and diagnostics: Sensors and actuators act via two-way communication, the commands of which can be misused by cybercriminals.
In addition, there is the long depreciation phase for production systems: With operating times averaging 20 years or more, updating firmware, operating systems and APIs and using anti-virus software is made significantly more difficult. Weak points can often no longer be closed due to missing updates. If an individual solution specially adapted to the customer's needs is also implemented, the risk increases due to incompatibilities with standardized security solutions.
What security measures are necessary?
A truly secure 5G network requires a comprehensive strategy. The first goal is visibility and constant, real-time monitoring at all network layers—from application to data to signaling—to detect security threats and attacks. The next step is automatically preventing known attacks, threats and vulnerabilities detected by the monitor. In the case of unknown zero-day threats, machine learning (ML) can help intelligently stop threats, secure devices, and recommend security policies. An orchestrated platform ensures consistent, network-wide policy enforcement. Micro-segmentation and access control of the different networks and devices are also useful.
More at Services.Global.NTT
About NTT
NTT Ltd. is a leading global technology service provider. The global competence, expertise and comprehensive technology services, which are provided via an integrated service platform, help customers to drive digital transformation. As a long-term, strategic partner, NTT helps companies improve customer and employee experiences, transform cloud strategy, modernize networks, and strengthen cybersecurity.