Salim S I
Director, Cyber Threat Intelligence
CTOne

Salim leads the Threat Research and Response team of CTOne. He has been behind the discovery of several CVEs and 0days and has published several research papers. He also has patents in network packet inspection and pen-testing. At TrendMicro, he led the engineering teams for Virtualized Network Security and Home Network Security solutions. He co-built the Deep Packet Inspection (DPI) Engine used by top security vendors.

SPEECH
5/14 (Tue.) 13:30 - 14:00 4F AIoT & Hardware Security Zone AIoT & Hardware Security Summit
Opening Critical Infrastructure: Cellular Network Attack Vectors

What is special about the threats targeting critical infrastructure? Stealth.

Critical infrastructure refers to the systems, assets, and networks that are essential for the functioning of a society, economy, or country. Cellular Networks, both private and public, are part of Communication infrastructure.

APTs targeting communication infrastructure are not ransomware gangs; they are often backed by nation-states. Espionage or data exfiltration is the primary aim. The implants are designed to stay undetected in the infected system for a long time (e.g., BPF Door, Cyclops Blink).

Private cellular networks are increasingly finding applications in Defense systems, manufacturing industry, V2X communications and so on. Over generations, from 3G to 4G to 5G, Packet core and Radio systems have transitioned to an open architecture. Monolithic architecture and proprietary protocols are giving way to component disaggregation (SBA, ORAN) and interface standardization (SBI, E2). Parts of packet core and RAN have been cloudified.

The transition to open architecture and cloud gives cellular networks the flexibility to support various private network deployment scenarios. Not surprisingly, the attack surface of cellular networks has also expanded. More interfaces are exposed in the cloud, at the edge and in internal networks. CT and IT networks blend in private networks, creating the risk of threats crossing over from one domain to the other.

The motivation to compromise cellular networks is clear. This talk is about attack vectors from cellular technology.