TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • Digital Platforms and Services
  • Open RAN
  • Cloud Native Telco
  • Telcos and Public Cloud
  • The Green Network
  • Private Networks
  • Open Telco Infra
  • 5G Evolution
  • Access Evolution
  • Edgenomics
  • Network Automation
  • 6G Research and Innovation
  • Security
  • More Topics
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • |
  • About
  • Contact
  • |
  • Connect with us
  • Digital Platforms and Services
  • Open RAN
  • Cloud Native Telco
  • Telcos and Public Cloud
  • The Green Network
  • Private Networks
  • Open Telco Infra
  • 5G Evolution
  • Access Evolution
  • Edgenomics
  • Network Automation
  • 6G Research & Innovation
  • Security
  • Connect with TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Security

Security

How Ericsson and Nokia's 5G hackathon could be a PR win for Huawei

Nick Wood
By Nick Wood

Feb 5, 2020

© Flickr/cc-licence/www.bluecoat.com

© Flickr/cc-licence/www.bluecoat.com

  • White hats were invited to try and break into vendors' products with mixed results
  • Research firm Hardenstance says events like this are useful but not a panacea
  • Once again it shows that determined hackers are vendor agnostic

Further details have emerged of Ericsson and Nokia's participation in a 5G cyber security hackathon which, in the current climate, raise some interesting points about Huawei.

Organised by Finnish regulator Traficom, it took place in late November last year at Oulu University in Finland. For 24 hours, 80 ethical hackers (also known as white hats) from 10 countries spent 24 hours attempting to gain access to commercial and pre-commercial 5G NR, 5G non-standalone core, and 5G fixed wireless access products exposed to them by Ericsson and Nokia.

This is according to cybersecurity research firm Hardenstance, which was in attendance. It highlighted that this is the first time either vendor has ever subjected their mobile network hardware and software to this degree of scrutiny at this scale, and certainly not together.

The hackathon was divided into three challenges.

The first called for participants to attempt to gain access to an Ericsson 5G NR product via the operations and maintenance (OAM) interfaces of the baseband unit and remote radio unit. In the second scenario, they had to attack a 5G network being used to deliver remote eHealth services to hospitals and homes. Finally, the third challenge called for hackers to gain access to a home fixed-wireless access router.

"Nokia went as far as deliberately configuring the fixed wireless access challenge sub-optimally from a security perspective," noted Hardenstance. "This was to make it easier for participants to gain initial access to the network and then go further to see what other flaws they could find and report back."

Ericsson and Nokia claim that the event did not identify any major vulnerabilities, Hardenstance said; however, they "confirmed that some flaws had been found, and committed to taking the findings back to their organisations and incorporating them into their R&D."

Hardenstance said hackathons like this should not be viewed as a panacea, but should be taken as an important contribution to the 5G cybersecurity ecosystem.

Hackers are vendor agnostic

As far as the vendor market in general goes, the event could play into the hands of not just Ericsson and Nokia, but Huawei as well.

On the one hand, Ericsson and Nokia can legitimately claim they are transparent when it comes to identifying and addressing potential vulnerabilities in their 5G products. In contrast, Huawei's engagement on this front is more stage managed.

For instance, it has a newly-opened cybersecurity centre in Brussels where stakeholders can test products and examine source code. That's not the same though as urging a bunch of white hats to successfully compromise your products.

On the other hand though, Huawei can cite the hackathon when it insists that it doesn't matter which vendor a telco uses, dedicated hackers – state-sponsored or otherwise – will find and exploit weakness. It reinforces the argument that China does not need Huawei to install back doors on its kit if it wants to compromise mobile networks.

Of course, Huawei can point this out until it's blue in the face, but it won't stop China's adversaries from trying to have it blocked from 5G networks.

Related Topics
  • 5G Evolution,
  • Analysis & Opinion,
  • Announcement,
  • Cloud Native Telco,
  • Core Network,
  • Ericsson,
  • Europe,
  • Huawei,
  • Mobile,
  • News,
  • Nokia,
  • Research and Trials,
  • Security,
  • Telecoms Vendors & OEMs

More Like This

Security

Asahi Kasei and NEC establish secure analysis platform

Mar 28, 2023

Digital Platforms and Services

What’s up with… KPN, Cellnex, OneWeb

Mar 27, 2023

Security

T-Systems to offer quantum computing expertise and access to IBM Quantum computational resources

Mar 23, 2023

Digital Platforms and Services

DT, IBM, R&D group fuel Europe’s quantum computing sector

Mar 23, 2023

Open Telco Infra

What’s up with… SoftBank, Nvidia, AT&T, Broadcom, VMware

Mar 22, 2023

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

10:43

MWC23 interview: Mari-Noëlle Jégo-Laveissière, deputy CEO of Orange

12:45

MWC23 interview: Abdu Mudesir, Group CTO, Deutsche Telekom

9:26

MWC23 interview: Greg McCall, Chief Networks Officer, BT

TelecomTV
Company
  • About Us
  • Media Kit
  • Contact Us
Our Brands
  • DSP Leaders World Forum
  • Great Telco Debate
  • TelecomTV Events
Get In Touch
[email protected]
+44 (0) 207 448 1070
Connect With Us

  • Privacy
  • Cookies
  • Terms of Use
  • Legal Notices
  • Help

TelecomTV is produced by the team at Decisive Media.

© Decisive Media Limited 2023. All rights reserved. All brands and products are the trademarks of their respective holder(s).