Telco CTOs hit back at Ericsson’s Open RAN security scare

• Rakuten and Telefónica CTOs counter claims
• They believe open networking offers greater network security
• Visibility of the end-to-end network is the key to security, says Rakuten CTO
• Closed, proprietary systems seen as a bigger security challenge

The chief technologists at Rakuten Mobile and Telefónica have responded to claims by Ericsson that Open RAN networks have “the potential to expand the threat and attack surface of the network in numerous ways,” countering that open, non-proprietary networks will provide greater visibility and network security options.

The claims that Open RAN networks are more susceptible to security threats emerged last week in a blog and paper published by the Swedish vendor, which appears to be rattled by the growing popularity among network operators of the alternative, disaggregated radio access network architecture proposed by the Open RAN community. (See Ericsson crashes Open RAN party with security scare.)

But Rakuten Mobile, which is set to launch 5G services using an Open RAN architecture within the next few weeks, and Telefónica, which has major plans for Open RAN deployments, see the world differently to Ericsson.

During a presentation for the media this week, as their respective companies announced a wide-ranging collaboration on Open RAN, next-generation OSS and 5G core developments, Rakuten Mobile CTO Tareq Amin and Telefónica group Chief Technology & Information Officer (CTIO) Enrique Blanco countered Ericsson’s claims. 

 “I have huge respect for Ericsson… what they do is just incredible,” stated Amin diplomatically. Ericsson “highlighted very good things… I really respect the Ericsson white paper --  I read it personally,” but “if vendor A provides you with equipment and it is locked and proprietary, the way you trust the security [of that equipment] is that the vendor told you it is secure. Well, that’s one approach… the other is that, as an operator, you should have 100% visibility – you should know, end to end, what is happening in the network. Securing the perimeter and getting visibility [into the whole network] is 80% of the headache – getting into the details of how you continue to harden and secure [the network], that’s an evolutionary process.”

Amin continued: “I'm not underestimating the challenges, but what I see today is the same criticism that existed about virtualization of the core, which [some] say it's not secure or moving to containers… I don't think our system today is less secure [than others]. I actually have a very contradictory opinion, that it is an extremely secure system, because at least I have complete visibility and control about what comes in and what goes out of our network… I'm not concerned about the security apparatus of what an Open RAN or virtualized network would look like.”

Blanco added that in a network built using open interfaces, “you can see what is happening and you can control it… it isn’t a black box. We prefer to be open” and monitoring the network security continuously. “Open RAN is not an additional concern… I appreciate the Ericsson comments and we will be working together… but Open RAN is going to happen anyway” added Blanco.   

The Telefónica CTIO said an open, multi-vendor approach was already working for the Spanish operator in its fixed access network. “I cannot work with private interfaces… if there is a black box, I cannot guarantee security. This is something we did with FTTH, with the OLT [optical line terminal] and ONT [optical network terminal]. We decided we needed to open up the interoperability and the ONT and OLT can be from different providers because we cannot accept that this is a private interface.” Blanco said there are now 8 million customers connected to the “open” FTTH network that provides visibility to the Telefónica operations team, which can “guarantee transparency and privacy… it is a very similar concept.”

And it’s clear, too, that Rakuten’s Amin regards the whole topic of security in a different way to the Swedish vendor, which was at pains to highlight the potential for security challenges by having multiple open interfaces and new/additional network elements from multiple suppliers.

The Rakuten executive has a more holistic view. “To me, [security is] about the transparency of the entire supply chain – not about the security of software, but the security of components, security of manufacturing… when you operate open networks, there is no vendor in the world that is secluding you from looking at your interfaces, there are no more black boxes, you'll have full visibility and I think that's the beginning of what future security might look like, despite all the challenges that might exist in security. The first thing in security is end-to-end visibility…  as an operator you have to have that visibility and abstraction of all these black boxes. So we're very, very happy about what we see of the possibility of open networks, especially around Open RAN.”  

What Amin would like to see if Ericsson embrace Open RAN and open up its technology. “I want to encourage Ericsson and other partners that this is the right thing to do. Don't be afraid what the new world looks like,” he stated. 

- Ray Le Maistre, Editorial Director, TelecomTV