5G: The Final Frontier

Today Trellix Threat Labs is excited to announce the release of a whitepaper dedicated to 5G and its potential security concerns. As we look at the potential of 5G, we foresee it impacting nearly every facet of digital life in the developed world. From vehicle-to-anything communication to air travel to IoT and mobile broadband, it seems the only way to avoid the impacts of 5G is to live a strictly analog lifestyle and not interact with the rest of humanity. While I enjoy amateur radio as much as the next “ham,” I don’t spend much time on analog communications – even amateur radio communications have gone digital and will see enhancements from 5G.

With the substantial increase in commercial 5G rollouts and the number of devices and industries touched, we at Trellix felt a gap exists in the deep understanding of the fundamentals and security of 5G. Addressing this gap required a deep dive into the 5G protocol from a security perspective. As with every other aspect of technology, there is a never-ending race between malicious actors and security researchers to find critical vulnerabilities in emerging technology. As history teaches, industry professionals losing this race can cause significant financial and societal burdens. In theory, we expect 5G to be inherently more secure than previous generations, but we won’t know for sure without researchers taking the time to investigate. You know what they say about theory and practice…

Within Trellix Threat Labs, we wanted to investigate the full stack of 5G, from radio interface through application layer security. All previous standards have had security flaws, from compromised encryption keys to baseband bugs. We first needed to understand what has changed since the LTE standard. We looked hard at the protocol definition, the security requirements, and the move to software-defined infrastructure with the 5G-NR (5G New Radio).

Labeled as Release 15 of the 3GPP, the protocol definition itself comprises hundreds of pages of technical documentation. While much of the documentation dealt with the needs of carriers (billing, handover, roaming agreements, and similar), a significant portion dealt directly with the security requirements of mobile equipment – standard-speak for edge devices such as phones, IoT widgets, mobile hotspots, and anything else that can connect to 5G. After digging into the latter, we have enumerated the attack surface on the core 5G network from the perspective of malicious devices and created a detailed threat model of the most critical attack surfaces. And because nothing truly exists until it is in writing, we have published this whitepaper so that others may benefit from the work we have done to this point. Also, anything that makes a standard easier to parse is a welcome addition to the body of knowledge on a topic!

Within the whitepaper, we provide an overview of the history of how we got to 5G, with it poised to become one of the most widely used mobile technologies. We discuss some of the benefits and costs of 5G and the move to infrastructure-as-code (SDN, SDR, and virtualization). We detail our proposed attack surfaces, discuss characteristics a malicious device or access point would need, and even look at some of the recent news touching on 5G. As a preview, no, 5G did not cause COVID-19.

We also paid close attention to the proposed use cases within the standard to look for pointers to where weaknesses may exist – new functionality adds new complexity, after all. While we can summarize most of the use cases of 5G as “The same as with LTE, but with more bandwidth,” some novel uses weren’t possible with LTE due to limited bandwidth, e.g., ubiquitous AR. Whether any of these new use cases will bear poison fruit remains an open question we plan to pursue.
