European Authorities Feel Vulnerable by 5G Tech

In a conference lectured by Patricj Rhude, Nokia head of security, he alerted about the dangers in security the 5G telephony networks bring about. Now, a recent report from Europol follows this same line by alerting the inherent risks from the technology that may lead the development of digital society in the next years.


Europol, the law enforcing agency of the European Union, as well as multiple cyber security firms, state that the new 5G network technology will prevent police organisms to track the activity of mobile devices because the technology these agencies currently posses is outdated.


According to experts from this European body, the 5G technology makes it hard for authorities to use the SIM card ID to identify and locate devices. This has two reasons:


– The first reason is the coding of the IMSI (International Mobile Subscriber Identity), the individual number of the cell phone’s card send to second plane in every communication process, and it can be used to identify and locate the device. The encryption will prevent this from happening, rendering impossible for authorities to assign a device to a specific person.


– The second reason is the development of 5G technology will render obsolete the use of IMSI receptors, indispensables so far for police to carry out vigilance and investigation measures. Why? Because the carriers’ own mobile network as well as said devices could detect fake bases with their IMSI receptor.


Authorities also face a challenge when using or accessing the information through legal means. The issue lies in the network’s division, a core characteristic of 5G.


With this new technology, what was then a single network of mobile radio it will now become multiple virtual networks, that is, in a single physical infrastructure will coexist many virtual networks with high levels of customization to adapt to the needs of different apps, services, devices, clients, and carriers.


This functionality will bring a better economic and energetic efficiency than 4G. It will also optimize the use of the infrastructure and resource assignment. The bad news for authorities is that, if they wish to legally tamper calls, they will need the cooperation from various network carriers, not only in the country, but outside as well. It could happen that some of the network divisions are in control of third parties not bound by law, making it impossible to access the information they have.


Members of the GSMA Association were surprised by the European agency statements; they said that criminal activity could still be tracked after the implementation of 5G technology.


Catherine De Bolle, Head of Europol, mentioned that the capacity to do vigilance with the use of 4G network, and that it is one of the most reliable tools for criminal investigation; therefore, is not convenient to just discard the use of this technology.


Specialists on cyber security claim that police agencies usually use 4G network analysis for their many crime fighting activities, from tracking calls to locating victims of kidnapping.


On the other hand, cyber security specialists from the International Institute of Cyber Security (IICS) consider that 5G network raises the complexity of monitoring since mobile traffic data travels through many more elements of communication system.


“Right now we are trying to meet halfway with mobile carriers, technological companies, users, and authorities”, said Catherine De Bolle.


GSMA holds their ground reassuring that the implementation of 5G technology does not prevent tracking any criminal activity by analyzing mobile networks:


“Law enforcement agencies will participate in the 3rd Generation Partnership Project (3GPP), which is responsible for dictating standards for 5G networks, including legal interceptions.”


Europol also published in its report some potential technological threats regarding the enforcement of European Union law; among those are the uses of autonomous vehicles with illegal purposes, or the automatic encrypted systems.

The issues for the law forces do not end here. The known Multi-Access Edge Computing (MEC) represents another inconvenient. This technology allows cell phones to communicate between them without having to use the carrier’s central network. This direct communication, without neither the content nor the ID being redirected to the central nods, will also make inaccessible the information to the police and intelligence services.


As if this was not enough, the end-to-end encryption (E2E) will be the cherry on top. This encryption is not included like standard protocol yet, but it seems that it will be included and, even if it was not like that, cell phones fabricators will included it, one more unbreakable barrier to access the content of communications.


Lastly, it cannot be forgotten the virtualization of the physical parts of the network (NFV) that can promote criminals to perform attacks to access or modify phone numbers (object lists) being monitors. According to Europol, right now there is not any commercial hardware available to prevent these types of attacks.


Brussels asks the 28 to prioritize security of 5G networks and asks a common decision about Huawei as service carrier. The European Commission called on the 28 to make security a priority in the development of 5G networks, taking into consideration the “core” of future digital economy, and called for a common decision about the eventual necessity of excluding or not companies such as Huawei if the conclusion is that they represent a threat to security too difficult to control.


Huawei is among the service carriers, but Brussels avoids emphasizing in a specific company. “There is a lot a debate about Huawei, which, in a way, reflects the success it has in the market”, says European Security Commissioner Julian King. “When the Chinese ambassador came and talked to me about it, I explained him that we are not obsessed with China. We are simply assessing the risks of this market, and if there is an important carrier that can be included in the debate.”


Brussels wants a common strategy for future 5G networks; they are gathering information from the member states. A total of 24 countries have already submitted their evaluations.


“This time is not only about adapting how cell phones work; it is not even with 3G or 4G. It is revolutionary because it will be the core of our digital connectivity, key for the development of any kind of services”, explained King in a press conference.

No Comments

Sorry, the comment form is closed at this time.

Suscríbete a nuestro boletín y recibe en tu bandeja de entrada las últimas noticias sobre Seguridad de la Información. #SomosCiberSeguridad