cyber-security
IEEE/SCU SoE Virtual Event: May 26, 2022- Critical Cybersecurity Issues for Cellular Networks (3G/4G, 5G), IoT, and Cloud Resident Data Centers
This virtual event on ZOOM will be from 10am-12pm PDT on May 26, 2022.
Session Abstract:
IEEE ComSoc and SCU School of Engineering (SoE) are thrilled to have three world class experts discuss the cybersecurity threats, mitigation methods and lessons learned from a data center attack. One speaker will also propose a new IT Security Architecture where control flips from the network core to the edge.
Each participant will provide a 15 to 20 minute talk which will be followed by a lively panel session with both pre-planned and ad hoc/ extemporaneous questions. Audience members are encouraged to submit their questions in the chat and also to send them in advance to [email protected].
Below are descriptions of each talk along with the speaker’s bio:
Cybersecurity for Cellular Networks (3G/4G, 5G NSA and SA) and the IoT
Jimmy Jones, ZARIOT
Abstract:
Everyone agrees there is an urgent need for improved security in today’s cellular networks (3G/4G, 5G) and the Internet of Things (IoT). Jimmy will discuss the legacy problems of 3G/4G, migration to 5G and issues in roaming between cellular carriers as well as the impact of networks transitioning to support IoT.
Note: It’s important to know that 5G security, as specified by 3GPP (there are no ITU recommendations on 5G security), requires a 5G Stand Alone (SA) core network, very few of which have been deployed. 5G Non Stand Alone (NSA) networks are the norm, but they depend on a 4G-LTE infrastructure, including 4G security.
Cellular network security naturally leads into IoT security, since cellular networks (e.g. NB IoT, LTE-M, 5G) are often used for IoT connectivity.
It is estimated that by 2025 we will interact with an IoT device every 18 seconds, meaning our online experiences and physical lives will become indistinguishable. With this in mind it is as critical to improve IoT security as fastening a child’s seatbelt.
The real cost of a security breach or loss of service for a critical IoT device could be disastrous for a business of any size, yet it’s a cost seldom accurately calculated or forecasted by most enterprises at any stage of IoT deployment. Gartner predicts Operational Technologies might be weaponized to cause physical harm or even kill within three years.
Jimmy will stress the importance of secure connectivity, but also explain the need to protect the full DNA of IoT (Device, Network and Applications) to truly secure the entire system.
Connectivity providers are a core component of IoT and have a responsibility to become part of the solution. A secure connectivity solution is essential, with strong cellular network standards/specifications and licensed spectrum the obvious starting point.
With cellular LPWANs (Low Power Wide Area Networks) outpacing unlicensed spectrum options (e.g. LoRa WAN, Sigfox) for the first time, Jimmy will stress the importance of secure connectivity and active collaboration across the entire IoT ecosystem. The premise is that the enterprise must know and protect its IoT DNA (Device, Network & Application) to truly be secure.
Questions from the audience:
I am open to try and answer anything you are interested in. Your questions will surely push me, so if you can let me know in advance (via email to Alan) that would be great! It’s nice to be challenged a bit and have to think about something new.
One item of interest might be new specific IoT legislation that could protect devices and data in Europe, Asia, and the US ?
End Quote:
“For IoT to realize its potential it must secure and reliable making connectivity and secure by design policies the foundation of and successful project. Success in digital transformation (especially where mission and business critical devices are concerned) requires not only optimal connectivity and maximal uptime, but also a secure channel and protection against all manner of cybersecurity threats. I’m excited to be part of the team bringing these two crucial pillars of IoT to enterprise. I hope we can demonstrate that security is an opportunity for business – not a burden.”
Biography:
Jimmy Jones is a telecoms cybersecurity expert and Head of Security at ZARIOT. His experience in telecoms spans over twenty years, during which time he has built a thorough understanding of the industry working in diverse roles but all building from early engineering positions within major operators, such as WorldCom (now Verizon), and vendors including Nortel, Genband & Positive Technologies.
In 2005 Jimmy started to focus on telecom security, eventually transitioning completely in 2017 to work for a specialist cyber security vendor. He regularly presents at global telecom and IoT events, is often quoted by the tech media, and now brings all his industry experience to deliver agile and secure digital transformation with ZARIOT.
…………………………………………………………………………………………………………………………………………………………………………………………………………………….
Title: Flip the Security Control of the Internet
Colin Constable, The @ Company
The PROBLEM:
With the explosion of Internet connected devices and services carrying user data, do current IT architectures remain secure as they scale? The simple and scary answer is absolutely no, we need to rethink the whole stack. Data breaches are not acceptable and those who experience them pay a steep price.
Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see the actual data being transmitted. However, the Router needs meta data (the IP and Port) to make it work. What meta data does the Data level Router have access to?
We need to discuss how to approach the problem and selectively discard, but learn from previous IT architectures so that we can build a more solid, secure IT infrastructure for the future.
Proposition:
I will provide a glimpse of a future security focused IT architecture.
- We need to move most security control functionality to the edge of the network.
- Cloud data center storage should be positioned as an encrypted cache with encryption keys at the edge.
- No one set of keys or system admin can open all the encrypted data.
When data is shared edge to edge we need to be able to specify and authenticate the person, entity or thing that is sharing the data. No one in the middle should be able to see data in the clear.
Issues with Encryption Keys:
- IT and Data security increasingly rely on encryption; encryption relies on keys; who has them?
- Is there really any point to VPN’s Firewalls and Network segmentation if data is encrypted?
- We use keys for so many things TLS, SSH, IM, Email, but we never tend to think about the keys.
- Do you own your keys? If not someone else can see your data!
- What do we need to flip the way IT is architected?
Recommendations for Keys:
- Keys should be cut at the edge and never go anywhere else.
- You should be able to securely share keys along with the data being transmitted/received.
- There needs to be a new way to think about identity on the Internet.
The above description should stimulate many questions from attendees during the panel discussion.
Biography:
Colin Constable’s passion is networking and security. He was one of the founding members of the Jericho Forum in the 2000s. In 2007 at Credit Suisse, he published “Network Vision 2020,” which was seen by some as somewhat crazy at the time, but most of it is very relevant now. While at Juniper, Colin worked on network virtualization and modeling that blurred the boundaries between network and compute. Colin is now the CTO of The @ Company, which has invented a new Internet protocol and built a platform that they believe will change not just networking and security, but society itself for the better.
……………………………………………………………………………………………………………………….
The Anatomy of a Cloud Data Center Attack
Thomas Foerster, Nokia
Abstract:
Critical infrastructure (like a telecommunications network) is becoming more complex and reliant on networks of inter-connected devices. With the advent of 5G mobile networks, security threat vectors will expand. In particular, the exposure of new connected industries (Industry 4.0) and critical services (connected vehicular, smart cities etc.) widens the cybersecurity attack surface.
The telecommunication network is one of the targets of cyber-attacks against critical infrastructure, but it is not the only one. Transport, public sector services, energy sector and critical manufacturing industries are also vulnerable.
Cloud data centers provide the required computing resources, thus forming the backbone of a telecommunications network and becoming more important than ever. We will discuss the anatomy of a recent cybersecurity attack at a cloud data center, review what happened and the lessons learned.
Questions:
- What are possible mitigation’s against social engineering cyber- attacks?
-Multifactor authentication (MFA)
-Education, awareness and training campaigns
- How to build trust using Operational Technology (OT) in a cloud data center?
Examples:
- Access monitoring
- Audits to international standards and benchmarks
- Security monitoring
- Playbooks with mitigation and response actions
- Business continuity planning and testing
Recommendations to prevent or mitigate DC attacks:
- Privileged Access Management across DC entities
- Individual credentials for all user / device entities
- MFA: One-Time Password (OTP) via text message or phone call considered being not secure 2-Factor Authentication anymore
- Network and configuration audits considering NIST/ CIS/ GSMA NESAS
- Regular vulnerability scans and keep network entities up to date
- Tested playbooks to mitigate security emergencies
- Business continuity planning and establish tested procedures
Biography:
Thomas Foerster is a senior product manager for Cybersecurity at Nokia. He has more than 25 years experiences in the telecommunications industry, has held various management positions within engineering and loves driving innovations. Thomas has dedicated his professional work for many years in product security and cybersecurity solutions.
Thomas holds a Master of Telecommunications Engineering from Beuth University of Applied Sciences, Berlin/ Germany.
……………………………………………………………………………………………………………………………………………………………………………………………………………………………..
Video recording of this event: Critical Cybersecurity Issues for Cellular Networks, IoT, and Cloud-Resident Data Centers – YouTube
Previous IEEE ComSoc/SCU SoE March 22, 2022 event: OpenRAN and Private 5G – New Opportunities and Challenges
Video recording: https://www.youtube.com/watch?v=i7QUyhjxpzE
U.S. cybersecurity firms seek tech standards to secure critical infrastructure
A group of cybersecurity companies that specialize in securing critical infrastructure said they’ve formed a lobbying group to push for technological standards among the private sector and government.
The Operational Technology Cybersecurity Coalition said it will directly work with government to share feedback on policy proposals and adopt uniform technological standards for securing places such as pipelines and industrial facilities. Founding members include Claroty Inc, Tenable Holdings Inc, Honeywell International Inc, Nozomi Networks Inc and Forescout Technologies Inc.
Editor’s Note: What is Cybersecurity?
Cybersecurity is a subset of information security which aims to defend an organization’s cloud, networks, computers, and data from unauthorized digital access, attack, or damage by implementing various defense processes, technologies, and practices. With the countless sophisticated threat actors targeting all types of organizations, it’s critical that your IT infrastructure is secured at all times to prevent a full-scale attack on your clouds, networks, or endpoints and risk exposing your company to fines, data losses, and damage to reputation.
………………………………………………………………………………………………………………
The new cybersecurity industry initiative comes as experts have placed increased scrutiny on what’s known as Operational Technology (OT), a broad array of computer systems that monitor and control industrial equipment.
In May, the cybersecurity firm Mandiant Inc warned that compromises against Internet-connected OT devices were on the rise.
“This work is essential to protect our country’s critical infrastructure,” said Jeff Zindel, vice president and general manager for cybersecurity at Honeywell.
Information Technology (IT) and Operational Technology (OT) are converging, bringing the promise of improved efficiency and new business models enabled by mass digital transformation and the Industrial Internet of Things (IIoT). However, along with the promise of greater connectivity comes greater risk.
As new technologies are introduced and integrated into legacy operations, OT and IT teams are being challenged from every direction. Security approaches that previously worked for one environment may not apply to the other.
That is why a coalition of industry leaders founded the Operational Technology Cyber Security Alliance (OTCSA) — to provide OT operators and suppliers with resources and guidance to mitigate their cyber risk in a fast-evolving world.
An ecosystem approach to safe and secure industrial operations:
The OTCSA is committed to enabling safe and secure operations for the entire OT spectrum. This includes securing the related interfaces to enable interconnectivity to IT while continuing to support and improve the daily life of citizens and workers in an evolving world.
The OTCSA provides OT operators and their vendor ecosystems with regular technical briefs and implementation guidelines to navigate necessary changes, upgrades and integrations. We will build and support an understanding of OT cyber security challenges and solutions from the board room to the factory floor.
The OTCSA adresses cyber security concerns across the entire range of industrial operations, including:
- Industrial control system equipment, software, and networks
- IT equipment and networks that are used in OT systems or provide functionality to OT systems
- Building management systems
- Facilities and control rooms access control systems
- CCTV systems
- Medical equipment
PON’s Vulnerability to Denial of Service (DoS) Attacks
by Shrihari Pandit
Introduction:
The dominant architecture used in fiber optic deployment -Passive Optical Networks (PONs) may be vulnerable to attack. It is important to bring attention to this under-appreciated weakness and discuss what steps are possible to protect fiber infrastructure.
As various PON technologies are long standing and widely deployed, this is a matter of no small concern. PONs are widely deployed by Verizon FiOS, AT&T U-verse and many others.
The PON architecture is a hodgepodge of old and new technologies, hardware and strategy, limited budget and often is not overseen by a single team.
In this article we describe how fiber optic infrastructure based on PONs may be open to potential denial of service (DoS) attacks via optical signal injections. Security experts warn that this is a growing issue, which could take down entire sectors of PON segments.
Considering the ever increasing state-sponsored and non-state-actor cyber attacks, these types of vulnerabilities that allow for massive disruption for large groups of people are very attractive targets.
PON Overview:
The cost advantages of PON architecture make it the overwhelming choice for FTTH deployments. PON allows wireline network providers to deliver service to businesses and homes without having to install costly active electronics on roads, curb-side or even within buildings themselves.
Active electronics, on the other hand, add cost and create operational complexity as deployments scale. The conveniences and differentiators of PONs are precisely what opens up the floodgates to serious vulnerabilities.
PONs are fundamentally susceptible due to the architecture from the passive optical splitter (POS) to the optical network unit (ONU) within the overall network infrastructure. The POS component of the network functions like a bridge, allowing any and all communications to transverse without the ability to filter, limit or restrict flow.
The fiber optic market currently boasts 585.9 million subscribers worldwide, with that number set to grow to 897.8 million subscribers by 2021.
The industry has moved to upgrade 1st generation GPONs and EPONs to next-generation PONs, like NG-PON2 (the favorite), XG-PON1 and XGS-PON. For example, Verizon uses the Calix AXOS E9-2 Intelligent Edge System for large-scale NG-PON2 deployments that began in the first quarter of 2018.
However, with subscriber density significantly increasing per PON segment, the risks increase as more subscribers are affected by a cyber attack on a single fiber.
Sidebar: NG-PON2
NG-PON2 combines multiple signals onto a single optical fiber by using the different wavelengths of laser light (wave division multiplexing), and then splits transmission into time slots (time division multiplexing), in order to further increase capacity. NG-PON2 is illustrated in the figure below.
Legend:
OLT =Optical Line Termination ONT =Optical Network Termination
NGPON2 has three key advantages for operators:
1. Cost
Firstly, it can co-exist with existing GPON and NGPON1 systems and is able to use existing PON-capable outside plant. Since the cost of PON FTTH roll out is 70 per cent accounted for by the optical distribution network (ODN), this is significant. Operators have a clear upgrade path from where they are now, until well into the future.
2. Speed
Initially NGPON2 will provide a minimum of 40 Gb/s downstream capacity, produced by four 10 Gb/s signals on different wavelengths in the O-band multiplexed together in the central office with a 10 Gb/s total upstream capacity. This capability can be doubled to provide 80 Gb/s downstream and 20 Gb/s upstream in the “extended” NGPON2.
3. Symmetrical upstream/downstream capacity
Both the basic and extended implementations are designed to appeal to domestic consumers where gigabit downstream speeds may be needed but more modest upstream needs prevail. For business users with data mirroring and similar requirements, a symmetric implementation will be provided giving 40/40 and 80/80 Gb/s capacity respectively.
………………………………………………………………………………………
The Essence of a PON Cyber Attack:
Given the flashpoints around the globe, it doesn’t take much imagination to envision how state and non-state actors might want to cause such a chaotic and widespread disruption.
If a “cyber criminal” gains access to the underlying fiber, they could inject a wideband optical signal to disrupt communications for all subscribers attached to the PON segment.
Alternatively, at your home the adversary could manipulate the ONU’s optical subsystem to transmit abnormal PON signals and impact service to all subs on that segment. Communications including internet, voice and even analog TV signals that operate on nearby wavelengths would be susceptible to these serious DoS attacks.
Possible Solutions, Preventive Methods and Procedures:
So, what can be done with current equipment without a massive and costly fiber optic network overhaul? The unfortunate answer is that an overarching vulnerability will always exist as long as the passive components are in place. A reactionary process is the best and only option.
The current primary solution for operators is to reduce the number of subscribers per PON segment as a way to manage risks. If an attack was detected, the network operator would be able to localize the source and identify and disconnect the bad actor from the network. But it’s easier said than done.
This sort of manual process is not ideal. Extensive PON outages means spending the time and money to send personnel to optical line terminals to check each individual port until the attacker is found. The installation of active electronics on each PON segment or near PON subscribers is unrealistic and impractical. That undertaking would actually be more costly in terms of time, money and location.
The best ongoing solution is that operators should consider installing passive tap points per PON segment. Each can be independently routed back and managed at a provider’s operations center and allow operators to effectively analyze segments and detect unusual optical light levels that may signal an attack.
At that point the operator could physically dispatch techs on-site to continue the localization and resolution process while ensuring other non-threatening users remain unaffected. This solution is to effectively take a reactionary restriction and make it as automatic and proactive as currently possible.
Conclusions:
P2MP (point to multi-point) architecture has become the most popular solution for FTTH and FTTP. Yet there needs to be a severe increase in awareness to potential PON vulnerability into the next generation.
If we can catalyze the telecom industry to develop methods and measures to protect infrastructure, such crippling network security issues will be stopped before widespread exploits occur.
The industry needs to address these concerns sooner rather than later or else be left without effective countermeasures against these very real threats.
………………………………………………………………………………………………..
References:
https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos
https://s2.ist.psu.edu/paper/ddos-chap-gu-june-07.pdf
https://www.youtube.com/watch?v=G93I_v2pa24
……………………………………………………………………………….
About Shrihari Pandit:
Shrihari Pandit is the President and CEO of Stealth Communications, the NYC-based ISP he co-founded in 1995. Stealth, having built its own fiber-optic network throughout the city, provides high-bandwidth connectivity services to a broad roster of customers in business, education and government.
Prior to Stealth, Mr. Pandit was a network-security consultant to various software and telecom companies, including MCI, Sprint and Sun Microsystems. He also served as an independent consultant to several U.S. agencies, including NASA and the National Infrastructure Protection Center (NIPC), now part of the Department of Homeland Security.