TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • Open RAN
  • Digital Platforms and Services
  • 5G
  • Access Evolution
  • Private Networks
  • Cloud Native
  • Edge
  • Open Networking
  • Sustainability
  • AI, Analytics and Automation
  • 6G Research and Innovation
  • Security
  • More Topics
  • Network Partners
  • Industry Insights
  • Directory
  • Newsletters
  • |
  • About
  • Contact
  • |
  • Connect with us
  • 5G
  • 6G Research and Innovation
  • Access Evolution
  • AI, Analytics and Automation
  • Cloud Native
  • Digital Platforms and Services
  • Edge
  • Open Networking
  • Open RAN
  • Private Networks
  • Security
  • Sustainability
  • Connect with TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Security

Security

How Ericsson and Nokia's 5G hackathon could be a PR win for Huawei

Nick Wood
By Nick Wood

Feb 5, 2020

© Flickr/cc-licence/www.bluecoat.com

© Flickr/cc-licence/www.bluecoat.com

  • White hats were invited to try and break into vendors' products with mixed results
  • Research firm Hardenstance says events like this are useful but not a panacea
  • Once again it shows that determined hackers are vendor agnostic

Further details have emerged of Ericsson and Nokia's participation in a 5G cyber security hackathon which, in the current climate, raise some interesting points about Huawei.

Organised by Finnish regulator Traficom, it took place in late November last year at Oulu University in Finland. For 24 hours, 80 ethical hackers (also known as white hats) from 10 countries spent 24 hours attempting to gain access to commercial and pre-commercial 5G NR, 5G non-standalone core, and 5G fixed wireless access products exposed to them by Ericsson and Nokia.

This is according to cybersecurity research firm Hardenstance, which was in attendance. It highlighted that this is the first time either vendor has ever subjected their mobile network hardware and software to this degree of scrutiny at this scale, and certainly not together.

The hackathon was divided into three challenges.

The first called for participants to attempt to gain access to an Ericsson 5G NR product via the operations and maintenance (OAM) interfaces of the baseband unit and remote radio unit. In the second scenario, they had to attack a 5G network being used to deliver remote eHealth services to hospitals and homes. Finally, the third challenge called for hackers to gain access to a home fixed-wireless access router.

"Nokia went as far as deliberately configuring the fixed wireless access challenge sub-optimally from a security perspective," noted Hardenstance. "This was to make it easier for participants to gain initial access to the network and then go further to see what other flaws they could find and report back."

Ericsson and Nokia claim that the event did not identify any major vulnerabilities, Hardenstance said; however, they "confirmed that some flaws had been found, and committed to taking the findings back to their organisations and incorporating them into their R&D."

Hardenstance said hackathons like this should not be viewed as a panacea, but should be taken as an important contribution to the 5G cybersecurity ecosystem.

Hackers are vendor agnostic

As far as the vendor market in general goes, the event could play into the hands of not just Ericsson and Nokia, but Huawei as well.

On the one hand, Ericsson and Nokia can legitimately claim they are transparent when it comes to identifying and addressing potential vulnerabilities in their 5G products. In contrast, Huawei's engagement on this front is more stage managed.

For instance, it has a newly-opened cybersecurity centre in Brussels where stakeholders can test products and examine source code. That's not the same though as urging a bunch of white hats to successfully compromise your products.

On the other hand though, Huawei can cite the hackathon when it insists that it doesn't matter which vendor a telco uses, dedicated hackers – state-sponsored or otherwise – will find and exploit weakness. It reinforces the argument that China does not need Huawei to install back doors on its kit if it wants to compromise mobile networks.

Of course, Huawei can point this out until it's blue in the face, but it won't stop China's adversaries from trying to have it blocked from 5G networks.

Related Topics
  • 5G,
  • Analysis & Opinion,
  • Announcement,
  • Cloud Native,
  • Core Network,
  • Ericsson,
  • Europe,
  • Huawei,
  • Mobile,
  • News,
  • Nokia,
  • Research and Trials,
  • Security,
  • Telecoms Vendors & OEMs

More Like This

Security

Verizon helps block 11B spam texts, 26.5B Robocalls and counting

Aug 11, 2022

Digital Platforms & Services

BT and SEACOM team up to deliver enterprise communications services in Africa

Aug 10, 2022

Security

What’s up with… quantum security, cybersecurity, Dish Network

Aug 4, 2022

Security

Vodacom collaborates with Microsoft to boost cyber skills in South Africa

Aug 3, 2022

Security

T‑Mobile Teams with Homeland Security to Give First Responder Data Top Priority

Aug 1, 2022

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

0:46

The Cloud Native Telco Summit returns this September!

8:32

Azita Arvani on Being a Female Leader at Rakuten Symphony

16:19

AT&T Amy Zwarico on securing telco applications in the public cloud

1:44

Join us for the greatest industry debate of the year!

TelecomTV
Company
  • About Us
  • Media Kit
  • Contact Us
Our Brands
  • DSP Leaders World Forum
  • Great Telco Debate
  • TelecomTV Events
Get In Touch
[email protected]
+44 (0) 207 448 1070
Connect With Us
  • Privacy
  • Cookies
  • Terms of Use
  • Legal Notices
  • Help

TelecomTV is produced by the team at Decisive Media.

© Decisive Media Limited 2022. All rights reserved. All brands and products are the trademarks of their respective holder(s).