Written by: Pablo Molinero, Fortinet
In the Industry 4.0 era, critical industries from manufacturing to transportation to energy and utilities view 5G as the catalyst furthering change. 5G has the potential to accelerate the adoption of the Internet of Things (IoT) and Industry 4.0, and drive further innovation, automation and efficiency. To extract the full potential of 5G, operators need to look beyond the public network. While public networks offer a lot of capacity with high bandwidth connectivity to everyone equipped with a 5G compatible device, it’s not yet configured to support industrial needs. This leads critical industries to create their private mobile networks that while offering improved performance, reliability, and connectivity also bring with it cybersecurity risks.
In a 2020 study done by ABI Research, they predicted that private networks built by Enterprises will go beyond public networks by 2036. And for good reason, as private cellular networks can be quickly deployed and customized to serve key and time-sensitive needs for automation, control, physical and process safety. Here we are talking about ultra-reliable communications for low latency applications as well as massive machine-to-machine communications for IoT and IIoT applications.
Creating your own private mobile network doesn’t go without risks in terms of cybersecurity. Protecting operational technologies is already critical. If you are adding to these IIoT devices, fueled by the 5G capabilities such as hyper scalability, ultra-low latency, support for machine communications, predictability, agility, and high precision, within a tailored made network, you are facing many challenges in a fast-growing attack surface. There are multiple architectures for deploying private mobile networks, which vary based on the enterprise and industry requirements, use cases, and a spectrum of regulations and allocations per country. A company looking to build its own private mobile network may involve a myriad of different architectures and actors to create and manage it. Before deploying it, cybersecurity implications must be top of mind for all organizations. Companies should start by assessing their cyber maturity and be aware of the skills and technology required to detect, block, and respond to cyber threats.
Here are some takeaways to think about when designing a proper secure 5G Mobile private network:
- The first security aspect involves micro-segmentation and access control of the different production networks and devices. Security needs to create a virtual air gap in production environments to protect against threats, contain and limit their progression and impact.
- Industrial devices are often not updated in time to not jeopardize the availability of the production chain. They can live with a well-known vulnerability for weeks or even months. In this case, the security infrastructure in place should provide a virtual security patch by preventing vulnerabilities to be exploited until the devices are upgraded.
- Predictable low latency is also a key aspect. A few extra milliseconds can slow down, bring to a halt or even harm an entire production line if the inputs and outputs used by the industrial control application arrived too late to be usable.
- Finally, the security elements need to have a very low footprint and in some cases be able to work in environments of high temperature or humidity, which require ruggedized solutions.
In summary, it is well known that factories and logistics hubs are very attractive targets for denial-of-service attacks, ransomware raids, disruptions, or industrial espionage. Operators and industrial players are well aware of it, and they are making cybersecurity an integral part of their 5G private network to avoid risking losses greater than the network investment they are making or the productivity gains 5G is bringing. Segmentation, access control, and network-wide visibility are all keys to secure these private mobile networks.