Verizon’s Network Security engineers recently engaged in a series of successful trials to future-proof its 5G network against security threats and advance security measures to protect the confidentiality, integrity and availability of Verizon’s 5G network.
The advent of 5G wireless communications constitutes a new era of network connectivity that will revolutionize many aspects of commerce and our personal lives. Along with new technology comes the need for new security measures. Verizon is focused on protecting against threats to customers’ security and ensuring the reliability and resilience of communications services against all manner of hazards, including cyber threats.
“As the design and deployment of networks becomes more complicated and the capabilities of networks allow for much more robust systems, securing those networks is the highest priority,” said Srini Kalapala, Vice President of Network Planning for Verizon. “Not only has our network team built our 5G network with industry-leading security, but our team is anticipating and planning for future security issues to protect our network and mitigate risks today and in the future.”
Advancing the future of 5G security
While Verizon boasts a highly secure 5G network presently, Verizon engineers are continuing to drive innovation and leadership in the area of cyber security, knowing that threats evolve nearly as quickly as new technology is introduced. To that end, Verizon engineers and partners are advancing the following initiatives:
Security Network Accelerators to improve latency and operational efficiency
As network operations become more complex, additional purpose-built hardware supporting security functions such as firewalls, IDS, DDoS, probes and packet brokers is deployed throughout the network. The addition of this hardware introduces additional latency and opens the door for greater maintenance as well as additional points of vulnerability. To solve for this, Verizon engineers have virtualized many of these functions and moved them to the cloud. For higher-performance security functions, however, Verizon engineers are working to install programmable network accelerators as a way to mesh together multiple high-performance, latency-dependent security functions into a single AI/ML-driven network accelerator, reducing operational expenses, reducing reliance on programming by people and increasing the efficiency of delivering these security functions. Verizon is working with the University of California Santa Barbara to develop AI/ML-driven firewall and IDS capabilities that can be delivered in a whitebox network accelerator.
AI/ML is a technology that is being broadly adopted in all industries, including 5G, to automate decision making, troubleshooting, forecasting, network management, security, and more. With the acceleration in use of AI/ML throughout networks, Verizon engineers are developing an AI/ML Security Framework which will offer additional protection for the AI/ML models that power the network. This AI/ML Security Framework will help verify the provenance of information being fed into AI/ML algorithms, ensure the AI/ML models are operating correctly, and manage the security around where that information goes and how it is interpreted and used. Verizon engineers are trialing the framework in two AI/ML use cases at present: one to detect security anomalies in the network and the other to analyze MIMO antenna performance at cell towers.
Leveraging confidentiality and integrity of data at the network’s core
Understanding the criticality of both the confidentiality and integrity of data, Verizon is working with Guardtime and WWT to provide near real-time, non-repudiated evidence of tampering in a machine’s state while also providing meaningful reductions in time between a machine’s compromise and its detection. If a security breach or incident occurs, it is critical to be able to quickly identify changes in data. With the amount of data stored in systems today, identifying breaches in data integrity can be a time consuming and onerous task. Verizon engineers and our vendors are using cryptographically secure functions to create digital fingerprints of data and store them in a blockchain so they cannot be modified. These fingerprints are fully secure, unhackable and accessible anywhere in the world. By comparing fingerprints stored in the blockchain to fingerprints taken during or after a cyber-attack, companies can more quickly and easily determine if the integrity of their data was compromised. Verizon, Guardtime and WWT are preparing for trials of this new technology to begin over the Verizon network. When complete, Verizon engineers will be able to leverage the confidentiality and integrity of data to more effectively protect the data on the Verizon network including configuration of towers, Verizon Cloud servers and more.
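The fingerprint-and-compare approach described above can be sketched as follows. This is an added example, not code from Verizon, Guardtime or WWT: a simple SHA-256 hash chain stands in for the blockchain, and the file names and contents are constructed sample data.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first entry

def fingerprint(data: bytes) -> str:
    """SHA-256 digest used as the data's digital fingerprint."""
    return hashlib.sha256(data).hexdigest()

def _entry_hash(name: str, fp: str, prev: str) -> str:
    body = json.dumps({"name": name, "fingerprint": fp, "prev": prev}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()

class FingerprintLedger:
    """Append-only hash chain; a simplified stand-in for a blockchain."""

    def __init__(self):
        self.entries = []

    def record(self, name: str, data: bytes) -> str:
        """Append a fingerprint and return the new chain head."""
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        fp = fingerprint(data)
        self.entries.append({"name": name, "fingerprint": fp, "prev": prev,
                             "hash": _entry_hash(name, fp, prev)})
        return self.entries[-1]["hash"]

    def chain_intact(self, trusted_head: str) -> bool:
        """Recompute every link and compare the end with a head stored elsewhere."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _entry_hash(e["name"], e["fingerprint"], prev):
                return False
            prev = e["hash"]
        return prev == trusted_head

    def audit(self, current: dict) -> dict:
        """Compare the latest recorded fingerprint per name with the current data."""
        latest = {e["name"]: e["fingerprint"] for e in self.entries}
        report = {n: "missing" for n in latest if n not in current}
        for name, data in current.items():
            if name not in latest:
                report[name] = "unrecorded"
            else:
                report[name] = "ok" if fingerprint(data) == latest[name] else "modified"
        return report

# Constructed sample data: two configuration blobs recorded before an incident.
ledger = FingerprintLedger()
ledger.record("tower-a.cfg", b"tx_power=40\n")
HEAD = ledger.record("core-fw.rules", b"deny all\n")
# State observed afterwards: one file changed, one new file appeared.
REPORT = ledger.audit({"tower-a.cfg": b"tx_power=40\n",
                       "core-fw.rules": b"allow all\n", "unknown.bin": b"\x00"})
```

The comparison is only as trustworthy as the stored fingerprints, which is why chain_intact() checks the chain against a head value kept outside the machine being audited.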
Secure Credentialing Management System (SCMS) for Connected Vehicles
Connected vehicles need to connect to each other, to roadside infrastructure, to other road users and to cloud-based services. SCMS is the fundamental mechanism to ensure those connections are protected against attacks on integrity, confidentiality, and repudiation. The SCMS provides digitally signed certificates and activation codes that are used to validate vehicle safety messages. For the first time in the Connected Vehicle industry, a joint Verizon and LG team effort validated and secured CV2X Basic Safety Messages (BSMs) using a standards-compliant SCMS hosted on a Verizon 5G MEC. This milestone was completed at the Mcity Test Track in Ann Arbor, MI and validates Verizon’s core capabilities in 5G network connectivity. It also demonstrates how 5G MEC can be leveraged for public safety and Connected Vehicle security.
Security of Verizon’s 5G Network
In addition to advancing future security initiatives, Verizon’s Network Security team recently produced a white paper entitled “The Security of Verizon’s 5G Network” which describes how every element of Verizon’s 5G network implements security controls that deliver confidentiality, integrity, and availability so the overall network provides subscribers with a secure communications channel. The paper highlights security initiatives including:
- Leveraging Verizon’s global security capabilities;
- Deploying security features from 5G standards;
- Enhancing security via features specific to Verizon’s 5G implementation;
- Enabling customer-facing security services.
“In all aspects of our network, from the core of the network, to the radio access edge, even to the customer device, we have built our network to be secure,” said Kalapala. “From design, to implementation, to deployment, the 5G network, built on the foundation of the best 4G security, is the gold-standard in the industry. We will not compromise when it comes to the security of our network and that of our customers’ data.”
This new white paper comes on the heels of an additional security white paper which describes how the new architecture and capabilities of 5G networks will allow operators to detect and address cyber threats faster and more efficiently than ever before.
Verizon achieves milestone in future-proofing data from hackers
Verizon is working today to ensure that communications tomorrow are safe from hackers. To showcase how quantum-based technology can strengthen security, Verizon recently conducted a trial in the Washington D.C. area deploying a Quantum Key Distribution (QKD) network. The successful trial positions Verizon as one of the first carriers to pilot QKD in the U.S.
“We continue to innovate and discover new ways to ensure safe networks and communications down the road for both consumers and enterprises,” said Nicki Palmer, chief product development officer at Verizon. “In testing advanced security technologies, our QKD trial demonstrates how quantum-based technology can strengthen data security today and in the future.”
Quantum computers are believed to be able to solve certain computational problems significantly faster than classical computers, eventually making it easier for hackers to crack today’s math-based encryption keys. Since there’s a limit to how many unique number combinations can be generated today, hackers using the increased compute power of quantum computers will be able to more easily decrypt your data.
“The use of quantum mechanics is a great step forward in data security,” said Christina Richmond, analyst at IDC. “Verizon’s own tests, as well as other industry testing, have shown that deriving ‘secret keys’ between two entities via light photons effectively blocks perfect cloning by an eavesdropper if a key intercept is attempted. Current technological breakthroughs have proven that both the quantum channel and encrypted data channel can be sent over a single optical fiber. Verizon has demonstrated this streamlined approach brings greater efficiency for practical large-scale implementation allowing keys to be securely shared over wide-ranging networks.”
In the recent trial, live video was captured outside of three Verizon locations in the D.C. area, including the Washington DC Executive Briefing Center, the 5G Lab in D.C. and Verizon’s Ashburn, VA office. Using a QKD network, quantum keys were created and exchanged over a fiber network between Verizon locations.
In the trial, video streams are encrypted and delivered more securely, allowing the recipient to see the video in real time while ensuring hackers are instantly detected. A QKD network derives cryptographic keys using the quantum properties of photons to protect against eavesdropping. Verizon also demonstrated that data can be further secured with keys generated using a Quantum Random Number Generator (QRNG) that creates truly random numbers that can’t be predicted. With QKD, encryption keys are continuously generated and are immune to attacks because any disruption to the channel breaks the quantum state of photons, signaling that eavesdroppers are present.
Learn more about QKD and the current state of data breaches in the Verizon Business 2020 Data Breach Investigation Report.