Security Issues with 5G 1

Security Issues with 5G

Nickolas Cuddie

Department of Business Information Systems, Central Michigan University

BIS 101 WI: Business Communication Skills

Dr.Shelly Bartoski

March 27, 2020

AT&T and 5G Security Issues 2

Table of Content

Title Page ……………………………………………………………………………………. Pg. 1

Table of Contents ……………………………………………………………………………..Pg. 2
Abstract ……………………………………………………………………………………… Pg. 3
Introduction …………………………………………………………………………………. Pg. 4
Background …………………………………………………………………………………. Pg. 4
AT&T History ………………………………………………………………………. Pg. 4
4G Network and Protection …………………………………………………………. Pg. 5
5G network and Security Issues …………………………………………………….. Pg. 7
Connections between 4G and 5G …………………………………………………… Pg. 9
Study and Discussion ………………………………………………………………………. Pg.10
Survey Responses …………………………………………………………………... Pg.11
Discussion …………………………………………………………………………... Pg.12
Conclusion …………………………………………………………………………………. Pg.13
Reflection Statement………………………………………………………………………… Pg.13
References ………………………………………………………………………………….. Pg.15
AT&T and 5G Security Issues 3

Abstract

5G, the newest advancement in cellular networks. One might ask what is 5G and what are the

security issues that are associated with it and how do these security issues affect businesses like

AT&T. This paper will cover the history of AT&T. Along with that this paper will also be

discussing 4G network and protection, 5G network and security issues, the connection between

4G and 5G which will be followed by a survey and will end with a discussion about how 5G

security issues affect businesses like AT&T. In the end AT&T, and similar businesses, are

affected a lot by security issues. The security issues that AT&T and similar businesses will have

to face are advancing technologies and security threats, security software that underperforms due

to the amount of technology that exist, cybercriminals, technology exploits, and various other

issues caused by a lack of understanding, technological advancements, or by other factors.

Keywords: 4G, 5G, AT&T, network, security issue, security

AT&T and 5G Security Issues 4

AT&T and 5G Security Issues

Technology, it is everywhere and is used by almost everyone. One of the most common

pieces of technology is cellphones. Cell phones are primarily used for communicating with

people and searching the web. The introduction of the 5G network will change how people use

the internet on their phones. Not only does 5G change how people surf the web on their phones it

also introduces a security issues. This paper will talk about the security issues that are presented

with 5G along with how businesses like AT&T are affected by the security risk presented with

5G. This paper will start with the history of AT&T followed by the security issues presented

with 4G and how the security issues with 5G are different compared to those that are presented

with 4G. After discussing the security risk presented with 5G and how it compares or differs to

the security risk that was presented with 4G the paper will then discuss how the security risk of

5G will be dealt with. A study will also be done to see what people think of the security risk

presented with 5G. The Survey will be done in person and be sent out in a Google form to see

what people think of the security risk and what they think is different between 4G and 5G. When

it comes down to data speeds 5G is the newest that there is and there are security issues that

come along with it. How do businesses like AT&T deal with the security issues that are

presented with 5G.

Literary Review/Background

AT&T History

Before diving into understanding the security issues presented with 5G lets look into

what AT&T is. AT&T stands for American Telephone and Telegraph (The Free Dictionary).

AT&T was founded a hundred and fourty years ago when Alexander Gram bell created the

telephone. That means that AT&T is the first “modern media company”(AT&T). During its
AT&T and 5G Security Issues 5

existence AT&T has worked with WarnerMedia and in 1920 both companies created the first

talking movie The Jazz Singer (AT&T). AT&T has also helped in creating the TV channel HBO

and the news channel CNN (AT&T). Their purpose is to bring connectivity, entertainment, news,

and more to their customers around the world (AT&T). This is just a brief history into AT&T,

who they are, and what they do.

4G Network and Protection

Up until 5G networking was released the network that people relied on was 4G. 4G

stands for fourth generation technology (Nidhi & Nandal,2017). This network, just like 5G, had

security issues. One note to make when looking at the issues is that there is security software and

systems in place to protect the network does not mean that the security issues go away, any piece

of technology is always susceptible to a hack or some type of security issue and that the security

system and software that is in place is there to protect or reduce the impact of a hack or security

issue. One security issue that 4G had was a wifi security vulnerability. The vulnerability was that

text font was changing during coding and decoding (Nidhi & Nandal, 2017). Another security

issue that 4G had was people attacking the system. Nidhi & Nandal say that there are two types

of attacks and that the attacks are identified as either a passive attack or a active attack (Nidhi &

Nandal, 2017). Nidhi and Nandal also say in their article that LTE stands for Long Term

Evolution (Nidhi & Nandal, 2017). Nidhi and Nandal talk about how hackers, by either active or

passive attacks, will either go after what they are looking for by attacking, as Nidhi and Nandal

define as, either the physical layer or Mac layer (Nidhi & Nandal, 2017). One might think that

there are ways to deal with or fix the security issues with 4G and there is.

There are security systems and algorithms in place to make sure that 4G isn’t susceptible

to an attack or a previous security issue. Alas the issue with these systems and algorithms is that
AT&T and 5G Security Issues 6

they do not fully protect 4G but rather reduce the risk of an attack or security issue (Mathi,S et

al.,2017). The article “Integrating Non-linear and Linear Diffusion Techniques to Prevent Fault

Attacks in Advanced Encryption Standard to Enhance Security of 4G-LTE Networks” talks about

a couple of ways to improve the security system in place and increase the efficiency of the

systems. One of the current ways that 4G data speeds are being protected is by three sets of

cryptographic algorithms (Mathi,S et al.,2017). Each of the three algorithms are a combination of

EEA and EIA algorithms (Mathi,S et al.,2017). The article “Integrating Non-linear and Linear

Diffusion Techniques to Prevent Fault Attacks in Advanced Encryption Standard to Enhance

Security of 4G-LTE Networks” says that the first algorithm is called 128-EEA1/128-EIA. The

second algorithm is called 128-EEA2/128-EIA2. The third and final algorithm that the article

identifies is called 128-EEA3/128-EIA3(Mathi,S et al.,2017). The first set, as the article likes to

call it, is based on what is called a snow 3G algorithm where as the second one is based on AES

algorithm, and the third is based on a ZUC Algorithm (Mathi,S et al.,2017). algorithms work to

protect 4G but do not offer full protection against or fully solve the security issues. The article

that talks about the above algorithms also discusses how to improve the effectiveness of the

algorithms so that they can provide better security. In summary the article used two types of

inputs, which consist of a faulty cypher text and a fault free cypher text. The information that

comes from the inputs, the output, get put into a linear diffusion function after a certain number

of times, the article calls each time the linear diffusion function happen a round, the function

would then feed that information or “falt” would be placed into a state matrix (Mathi,S et

al.,2017). The article tested a combination of the cyphers and linear, or nonlinear, functions with

an AES algorithm as a improved data security. The test proved that newer algorithm offered

better protection over the current security (Mathi,S et al.,2017). Even though the algorithms
AT&T and 5G Security Issues 7

mentioned above sound like they are fully taking care of the security issues with 4G but they are

not.

Besides having a combined, or hybrid, algorithm above there are also other ways to

improve the security for 4G data speeds. The article Network Separation and IPSec Ca

Certificates-Based Security Management for 4G Networks talks about how there is some type of

hierarchy structure setup within the security systems that protect 4G (Kowtarapu, C et al., 2009).

The article proposes that the hierarchy be made bigger and have more shells in them while also

having a Hierarchy set up for both IPsec and VlAN so that there are multiple hierarchies which

are supposed to, as the authors of the article suggest, is to meet the needed security for any

network (Kowtarapu, C et al., 2009). Another way to protect 4G networks is to have network

separation. The network separation makes sure that the network isn’t congested, that data goes

where it is supposed to go, isolates any traffic path if and when needed, and lowers the risk

against certain types of attacks like, and as what the authors like to call, flood attacks

(Kowtarapu, C et al., 2009). Even though the security for 4G is being improved technology has

advanced and has introduced a new type of data speed.

5G Network and Security

The new data speed is known as 5G. 5G stands for fifth generation and is the newest

generation of network (Hussain,R et al. 2019). Just like 4G, and networks before 4G, 5G has

security issues. With 5G being the newest network available, it will be and is more prone to

attacks (Hussain,R et al. 2019). Huawei Technologies, a tech business known for its cellphones

and security, is one example of how a business is adjusting to 5G. The issue that Huawei is

facing is they are being questioned, and is under trial, for their security standards (Pratt, M. K.,

2019). So not only is this business facing newer security issues they are also facing external
AT&T and 5G Security Issues 8

issues. The external issues consist of a ban of their products in the U.S., and potentially Canada,

along with being questioned for their security, influence from governments, and are having to

meet governmental standards for 5G security (Pratt, M. K., 2019). As stated above there are

security issues with 5G. Some of these security issues are similar to the security issues with 4G

in which these similar security issues will be discussed later. With 5G being released to the

public shows that there is already some type of security in place to protect those that are already

using 5G. A article called “Integration of VANET and 5G Security: A review of design and

implementation issues” discusses various security issues and solutions. The research of the

article also looks into 5G vehicular networks (Hussain,R et al. 2019). Technology has advanced

to the point to where data networks are used beyond cellphones. That means that security issues,

and security, in cellphones have also evolved.

So there are a lot of security issues that come with 5G networks. The best way, and

simplest way, to say the security issues are is that 5G network and anything associated with it

can be exploited and be hacked, damaged, or compromised in one way or another (Hussain,R et

al. 2019). Some of the more common types of attacks are proliferation, jamming, sybil attacks,

malware, integrated attacks, and, DDoS, which stands for distributed denial of service

(Hussain,R et al. 2019). These attacks trick, deceive, block, spy, or do anything else that the

person in charge of the attack wants (Hussain,R et al. 2019). These security issues, or attacks, are

also present in any vehicle or technology that uses a 5G, or similar, network (Hussain,R et al.

2019). One of the ways that security issues are being dealt with is by security software. The

security software, just like the security issues, have specific purposes and protect anything and

everything (Hussain,R et al. 2019). The website/article “Guest Editorial Physical Layer Security

for 5G Wireless Networks, Part I” is a prime example of some of the ways that technology can
AT&T and 5G Security Issues 9

be hacked. The article consist of 19 papers and each paper talks about a certain way that a

cellular network can be hacked and offer a solution as to how the vulnerability, or security issue,

can be potentially be protected (Wu, Y et al., 2018). The research performed in these papers

further show that there are a lot of security issues and flaws that can be exploited if not taken

care of. Some of the security methods mentioned in the article “Guest Editorial Physical Layer

Security for 5G Wireless Networks, Part I” and not in any of the other sources are hybrid

security programs, ease dropping protection software, and polar coding. Some of the security

issues mentioned are ease dropping programs and spoof attacks (Wu, Y et al., 2018). One might

think that once security is in place that all of the security issues are taken care of but that is not

the case. There are two main factors that cause the security issues to change, technology and

hackers. Both are constantly changing. So when both change the security is not performing at

peak performance or are completely inefficient.

Connections between 4G and 5G

As networks advance, in both security and security issues, one might think that there are

no security connections between one data generation and the next. Some of the security issues

that exist between 4G and 5G are DoS, also usknown as Denial of Service, forgery attacks, and

as the authors of “Security for 4G and 5G cellular networks: A survey of existing

authentication and privacy-preserving schemes” say that there are fourteen other

security issues that exist between 4G and 5G networks (Ferrag, M. A. et al., 2018). Not only

is there some security issues that coexist between 4G and 5G network but there are security

programs in place that protect both networks. The security software consist of intrusion

detection, cryptography, human interaction/factors, and formal and formal techniques (Ferrag,

M. A. et al., 2018). article by the name of “Ensuring telecommunication network security

AT&T and 5G Security Issues 10

through cryptology: a case of 4G and 5G LTE cellular network providers” test the protocols of

cryptography to see how well to see how they performed. The results showed that the protocols

performed really well and is a really good security option for 4G and 5G (Manasreh, A. et al.,

2019). Some other security software protection connections through various forms of

authentications with privacy and biometric security (Ferrag, M. A. et al., 2018). All of this

research shows that even though there is security in place for network speeds, no matter if it is

5G or another network, that there will always be security issues.

Survey

The research and information above shows that the main security issues are advances in

technology, security software underperforming or quickly becoming outdated due to advances in

technology, and changes in technology vulnerabilities. Besides researching 5G security issues I

also created a survey, which was created using Google Survey, for people to fill out to find out

what people think about the security issues of 4G and 5G and to see what they know about 4 and

5G. Originally I planned on putting the survey on the social media site Facebook and go around

CMU and ask students to fill out a physical or electronic version of the survey.Due to the

Corona pandemic, and the events that followed, I ended up using Facebook as the primary way

to get responses to the survey. Besides having the survey online I contacted a couple of friends

and family, via call and/or text, and asked them to complete the survey. Once the survey was

online it was available to be filled out for a period of almost two weeks. The only restrictions

that people had when they filled out the survey was that they had to answer each question and

could only submit a completed survey once. The survey consisted of ten questions in which five

where multiple choice questions and five required a typed response from the people who took the

survey. The questions went in this order, Besides being a cellular data speed, do you know
AT&T and 5G Security Issues 11

anything about 4G and 5G? The question after that was Besides being a cellular data speed, do

you know anything about 4G and 5G? The third question was Do you think that the security

issues are the same between 4G and 5G? Question four was What do you think are the security

issues of 4G are? The following question was What do you think are the security issues of 5G

are? The sixth question that people were asked in the survey was Do you think that the security

issues between 4G and 5G are similar or different? Question seven of the survey was How do

you think the security issues of 4G are being dealt with? The following question was Do you

think that the security that is in place for 4G be used for 5G? Questions nine and ten were Do

you think that the security that is in place for 4G be used for 5G, and How does the security

issues of 5G affect businesses like AT&T? These were the questions that the people of the

survey filled out. As one can see the questions started out asking about 4G networks and then

moved on to 5G and then ended with comparing and contrasting 4G and 5G. The reason I set up

the survey was because I wanted to ask people about a cellular network that people were familiar

with and then go onto asking about the new network,5G, and the security issues that are

associated with that network. I then wanted to ask people to compare and contrast certain

aspects, primarily the security issues and security that is in place, of 4G and 5G. Lastly I wanted

to see how others thought how businesses like AT&T are affected by the security issues of 5G.

Survey Responses

Now knowing what the survey questions are and what the purpose of the survey is lets

now look at the answers. For question one seven out of the eight people responded no while one

person answered yes. For question two six out of the eight people that took the survey responded

with no while the other two people said yes. For question three, half of the group responded with

maybe while the other half responded with no. With question four and five about half said they
AT&T and 5G Security Issues 12

did not know what the security issues with 4 and 5G are while everyone else said data hacking,

data hacking with privacy, and bad guys. For question six one person said that the security issues

between 4 and 5G are the same while everyone else said that they did not know. For question

seven about half the survey group chose to answer with some form of I don’t know while

everyone else said that 4G security issues can be dealt with firewalls, better security, tech

support, and by taking care of the issue yourself. Question eight was the last multiple choice

question and seventy-five percent of the study group said no to the security that is in place for 4G

be used for 5G while the other twenty-five percent said yes. For question three people responded

with I don’t know while everyone else gave an answer to why is security important for 5G. The

responses, besides the three I don’t know answers, said to keep up with technology, to protect

users, bad people will be bad, and personal privacy. The last question asked the survey group

how the security issues with 5G affect businesses like AT&T. About half went with the answer

of I don’t know while the others said lawsuits, data taping and mining, and that the security

issues can trickle down and affect the customers of AT&T. The responses to the questions

provide a decent amount of answers.

Discussion

Between the survey and the research I was able to find out how businesses like AT&T are

affected by the security issues of 5G. The research proved that technological advancements are a

major factor for the security issues. The technological advancements make it where security

software is not working at peak performance which then in turn makes AT&T and similar

businesses more vulnerable to attacks. The research also showed that there is not enough security

in place which means that AT&T is not putting enough protection in place to protect itself from

an attack. The survey showed that people don’t have a proper understanding of what goes on
AT&T and 5G Security Issues 13

with protecting their devices and are putting themselves at a risk because of this

misunderstanding. Due to this lack of understanding a person can end up doing something

horrible unintentionally and have it where their information is hacked. The same can go for

businesses like AT&T. AT&T has to deal with governmental and outside regulations/standard,

external forces, and other issues on top of protecting their customers and their own information.

AT&T, in the case that they get hacked or don’t follow the government regulation, can get sued

or fined because they failed to protect themselves against the security issues of 5G, or another

network, or have the proper security in place. Another reason why AT&T is affected by 5G is

due to the fact that 5G is relatively new and they will have to adjust to the newer network and its

issues while still maintaining 4G and other networks. These are all of the different things that

businesses like AT&T have to deal with when it comes to the issues associated with 5G.

Conclusion

When looking at 5G and the security issues that it has and seeing how these issues affect

businesses like AT&T one must understand the history of AT&T along with the history of 4G

and 5G along with understanding what both are. On top of that people must understand that there

are security issues associated with 4G and 5G, what they are, and how they are taken care of. In

the end 5G is the newest generation of cellular networking and is being implemented in

businesses like AT&T. These are the security issues of 5G and how they affect businesses like

AT&T.

Reflection

This paper has shown me that there are a lot of details and issues that come up with

protecting a network. I plan on going into cybersecurity once when I am done with college. I

started this paper thinking that the security/cybersecurity for cellular networks was going to not
AT&T and 5G Security Issues 14

have as many threats when compared to all the technology exist. I found out that cellular

networks need just as much protection if not more protection then all other technology. Even

though I am planning on going into cybersecurity I do not plan on working for AT&T. The

reason why is due to them mainly being a technology, mainly phones, and network provider.

With my degree I don’t want to be a person who sells phones, or other tech, and be the I.T. guy

that knows how to fix it. I want to be in the job where I am protecting a persons and businesses,

which includes AT&T, online data and information and make sure that information doesn’t fall

into the wrong hands. On top of that I want to be able to help reduce the gap between the security

software that exist and the actual amount security needed to protect the information that needs to

be protected. The research that I have preformed for this paper shows that there is a huge need

for people who specialize in cybersecurity and that this field is constantly changing due to newer

and better security coming out. The research also shows how much people don’t know that much

about the security issues and security that is needed for technology. This information shows that

there is a high demand for the people in this field and that the field of cybersecurity plays a huge

factor in the realm of technology. This paper has furthered my interest and desire to go into the

field of cybersecurity.
AT&T and 5G Security Issues 15

References

AT&T. (n.d.). Retrieved from https://acronyms.thefreedictionary.com/AT&T

AT&T Official Site - Unlimited Data Plans, Internet Service, & TV. (n.d.). Retrieved from

https://www.att.com/?

source=EGOOTMKINFBNDDSKP&WT.srch=1&wtExtndSource=at&t&gclsrc=aw.ds&

ds_rl=1271035&gclid=CjwKCAiA-

vLyBRBWEiwAzOkGVGKTY7drtGgyCeOT7wHRSiio8yWZjQvNXmQyta_x2ed-

HxvJa-bJ9hoCNH8QAvD_BwE

Ferrag, M. A., Maglaras, L., Argyriou, A., Kosmanos, D., & Janicke, H. (2018). Security for 4G

and 5G cellular networks: A survey of existing authentication and privacy-preserving

schemes. Journal of Network & Computer Applications, 101, 55–82. https://doi-

org.cmich.idm.oclc.org/10.1016/j.jnca.2017.10.017

Hussain, R., Hussain, F., & Zeadally, S. (2019). Integration of VANET and 5G Security: A

review of design and implementation issues. Future Generation Computer Systems, 101,

843–864. https://doi-org.cmich.idm.oclc.org/10.1016/j.future.2019.07.006

Kowtarapu, C., Anand, C., & Guruprasad, K. G. (2009). Network Separation and IPsec CA

Certificates-Based Security Management for 4G Networks. Bell Labs Technical Journal,

13(4), 245–255. https://doi-org.cmich.idm.oclc.org/10.1002/bltj.20347

Manasreh, A., Sharadqh, A. A. M., Alkasassbeh, J. S., & A1l-Qaisi, A. (2019). Ensuring

telecommunication network security through cryptology: a case of 4G and 5G LTE

cellular network providers. International Journal of Electrical & Computer Engineering

(2088-8708), 9(6, Part 1), 4860–4865. https://doi-

org.cmich.idm.oclc.org/10.11591/ijece.v9i6.pp4860-4865
AT&T and 5G Security Issues 16

Mathi, S., Kalyaan, P., S., K., & S., B. (2017). Integrating Non-linear and Linear Diffusion

Techniques to Prevent Fault Attacks in Advanced Encryption Standard to Enhance

Security of 4G-LTE Networks. Defence Science Journal, 67(3), 276–281. https://doi-

org.cmich.idm.oclc.org/10.14429/dsj.67.10118

Nidhi, & Nandal, V. (2017). An Overview of the Attacks on Lte in 4G: Exploiting the Security.

International Journal of Advanced Research in Computer Science, 8(9), 679–681.

https://doi-org.cmich.idm.oclc.org/10.26483/ijarcs.v8i9.5150

Pratt, M. K. (2019). Huawei ban highlights 5G security issues CISOs must tackle. Information

Security, 20(2), 3.

Wu, Y., Khisti, A., Xiao, C., Caire, G., Wong, K.-K., & Gao, X. (2018). Guest Editorial Physical

Layer Security for 5G Wireless Networks, Part I. IEEE Journal on Selected Areas in

Communications, 36(4), 675–678. https://doi-

org.cmich.idm.oclc.org/10.1109/JSAC.2018.2832378