The top trends CSPs and enterprises will face in 5G cybersecurity

Like almost everyone else, our way of working has been significantly affected by the COVID-19 pandemic. Fortunately, one thing that can’t be stopped, even if it may have been slowed, is the rollout of 5G, which remains a high priority around the world.

As we move into 2021, an increasing number of operators are moving ahead with their 5G plans and are rolling out 5G services. Likewise, for enterprises, things like 5G private mobile networks are going to become more common and,  in some use cases,, mainly around Industry 4.0, they may even be the go-to solution for deploying a fast and reliable network replacing the fixed and Wi-Fi solutions used today. We expect these trends to continue and accelerate. We also expect that, as the trend accelerates, additional use cases for private mobile networks will be realized, and, together with a price drop, they can become the go-to network for enterprise premises.

5G will bring many benefits, as well as its share of challenges. 5G networks have significantly higher bandwidth, are designed to support a very large number of IoT devices, and have a distributed architecture with multiple edge computing sites that access the internet locally to enable low-latency services and applications. These factors combine to create a dramatically higher level of vulnerability to cyberattacks that aim to cripple the network itself.

5G cybersecurity issues will take center stage

The delivery of much-anticipated services like autonomous cars and remote medical procedures requires a distributed architecture supporting higher-than-ever performance. However, it’s critical for most network operators to capture revenue now by quickly winning over customers in the consumer space. Consumer services will be responsible, at least over the next couple of years, for a significant part of 5G network revenue and value-added services to customers will be important revenue drivers for most telcos.

Although more and more 5G networks are being deployed to address the demand for new, high-performance and low-latency applications, security for the user plane is still not getting the attention it deserves. As we head into next year, there will be growing pressure for 5G security to become a “front and center” concern for every deployment in order to mitigate the possibility of potentially catastrophic cyberthreats, especially DDoS attacks.

A survey we conducted earlier in the year revealed that 48% of CSPs report that DDoS accounts for 3-5% of their network traffic and another 11% report that it accounts for 6-10%. There is high concern that growing IoT deployments will make it even worse. More than half of surveyed CSPs anticipate that 5G is going to further increase DDoS traffic.

It’s important to note that, in 2021 and beyond, the old ways of addressing DDoS attacks will no longer be sufficient because of 5G’s need to ensure high speed and low latency, via multiple, relatively vulnerable mobile edge computing (MEC) sites. These MECs, critical for low latency apps (such as gaming, AR, etc.), are relatively easy for bots to attack and overwhelm because of their low capacity that can be crippled via “hit-and-run” attacks. Instead of mitigation methods that rely on statistical sampling of traffic and rerouting to scrubbing centers, communication service providers (CSPs) and enterprises will need to focus efforts on real-time, inline, full traffic analysis to instantaneously detect and mitigate DDoS attacks in order to protect their networks from rogue IoT devices that are attempting to overwhelm their resources. However, this is only one of the issues CSPs and enterprises will be facing as we enter the new year.

QoE is even more important in 2021

As the world becomes more and more dependent on digital communication, ensuring Quality of Experience (QoE) has become more important than ever. To ensure QoE, CSPs will need to continuously monitor network traffic for attacks, as well as transient events, that can impact subscriber experience. For that, they will need to measure QoE at an application level, and immediately react to QoE changes, which can be the result of network attacks and transient events, such as local congestion from unanticipated traffic surges and extraordinary events inspiring people to send videos, etc.

The proper handling and management of network traffic will be a crucial, key differentiator for CSPs and enterprises as they all strive to deliver high quality of experience to their end-user customers.

This is now more important than ever with the current pandemic-inspired work-from-home (WFH) trend, which will morph into a “work-from-everywhere” trend thanks to the connectivity gains enabled by the rollout of 5G.

Growth of 5G Security-as-a-Service offerings

CSPs have made huge infrastructure investments to bring about the rollout of 5G. In 2021, these CSPs must capitalize on new, high ARPU services and monetize in effective ways to maximize ROI.

Adding cybersecurity as a value-added service to 5G packages is a win-win solution that will protect subscribers, as well as contribute to the bottom line. We have seen many CSPs move in this direction and expect this trend to grow; delivering more secure and protected experience for customers and not only focusing on offering bigger, better, and faster connectivity.

Creating more value with QoE-driven SLAs

Another trend that will gain traction in 2021 is that of network operators increasing their offerings of guaranteed QoE-driven SLAs (Service Level Agreements), supported by dynamic resource allocation.

In 4G networks, the operator allocates traffic packages to users without considering which applications are used.

However, in 5G networks, the focus shifts from the size of the monthly package that the operator provides, to guaranteeing quality of experience. One way this will be done is by “slicing” or allocating end-to-end resources to achieve the experience needed by specific applications.

For example, different slices could be provided for file downloads that are not latency-sensitive and for cloud gaming, which is latency-sensitive. To keep QoE at appropriate levels, these slices must satisfy different requirements at different price levels for different users.

However, we anticipate that slicing, by itself, will only allow the CSP to manage quality up to a point. Traffic within the slice itself (intra-slice traffic), can become congested and needs to be prioritized. Even with 5G slicing, CSPs need a way to measure the QoE of the different applications and services WITHIN each slice. It’s also critical to be aware of inter-slice congestion, which the network doesn’t inherently have the ability to see and manage.

To enable effective management of customer SLAs, even in the face of increasingly encrypted traffic on the mobile network in 2021, leading telecoms will need to adopt solutions that utilize machine learning algorithms that enable granular detection of applications and services.

Machine Learning is driving the industry to the next level

Network operators, and even some enterprises, will need machine learning (ML) tools in order to address 3 main trends.

1. ML tools will be needed to correctly categorize traffic in order to ensure network performance, guarantee QoE, and protect against threats that may contribute to network congestion.

Because traditional DPI can no longer “see” into predominantly encrypted data packets in order to identify application ‘signatures,’ Artificial Intelligence (AI) and ML techniques are necessary to identify applications via various aspects of their traffic behavior.

Thanks to advanced, ML-powered deep packet inspection (DPI), even encrypted protocols that hide unique application signatures can be analyzed and categorized, enabling proper prioritization and management of network traffic as well as providing better security enforcement and the prevention of botnet creation.

2. Network operators will need ML in order to identify actual QoE as perceived by the users, enhancing the ability of network operators to offer QoE-based value-added services.

CSPs will increasingly need ML-powered solutions that enable the identification of all forms of network traffic and can accurately estimate the end-users’ perceived QoE in order to provide differentiated, QoE-driven packages and value-added services for their subscribers.

3. They will also need ML in order to manage the evolving encryption space where encryption schemes are becoming more complicated and the demand to provide security-as-a-service to customers is growing.

For example, as DoH (DNS over HTTPS) and ODoH (Oblivious DNS over HTTPS) become more common, traditional DNS-based security will become ineffective as it will not reliably be able to see the DNS traffic. This will further increase the need for deep packet inspection to provide security based on machine learning-powered traffic analysis.

Although DNS-based solutions may seem like enticing options, they are not future-proof and will not help CSPs to reliably monitor and manage network traffic in an encrypted world.

Machine learning will be used more and more to empower mobile and fixed network operators with the near real-time ability to see, control, and secure their network traffic, even at the 5G scale.

Responding to new challenges

The companies and CSPs that will succeed in 2021 and beyond are those that are investing in R&D now to keep up with the changing trends and current shifts in the market.

As we work with a growing number of Tier-1 operators and enterprises, worldwide, here, at Allot, we have taken it upon ourselves to expand product development, delivery, and customer support in order to help people all over the world to enjoy secure, high-quality digital experiences now and into the future.

Contact us, view a webinar, or listen to one of our podcasts if you’d like to learn more.