5G Security Challenges and Solutions: A Network Security Vendor’s Guide

5G Standalone (SA) networks offer significant connectivity upgrades from 4G and other legacy standards. Notably, private 5G enables enterprises to support mission- and safety-critical applications, such as industrial robotics or remote surgeries. Although 5G SA networks make significant improvements to security compared to previous mobile generations, malicious actors continue to evolve their tactics. For 5G Non-Standalone (NSA) networks, a hybridized model creates a security landscape with significant complexity, with cross-correlation of threat indicators critical to tackling attacks.

Marketing and product teams at network security companies must evolve to match their features and messaging to the specific needs of private network operators. In this article, we will identify prominent 5G security challenges that network operators experience and the most promising solutions.

 

 

Key Takeaways:

• 5G networks are under threat. Mobile Network Operators (MNOs) continue to be focused on network security as customers increasingly prioritize data protection. According to ABI Research, spending on 5G network security will increase from around US$4 billion in 2025 to more than US$11 billion by 2029.
• Technical and non-technical challenges loom. Technical challenges of securing 5G networks include expanded attack surfaces, increased complexity in managing devices, and more sophisticated cyberattack tactics propelled by Artificial Intelligence (AI). A notable non-technical concern is the scarcity of telco security experts.
• Cybersecurity vendors are essential. Successfully safeguarding 5G networks requires software and hardware solutions such as signaling firewalls, Extended Detection and Response (XDR) platforms, Generative Artificial Intelligence (Gen AI) tools, and Application Programming Interfaces (APIs). Holistic, software-based solutions are becoming preferable.
• Applying general Information Technology (IT) security best practices. Network operators need to adopt the same security principles that IT teams have already used for years. Therefore, security vendors must offer solutions that support Continuous Integration/Continuous Deployment (CI/CD), GitOps, and zero trust frameworks.

 

 

What 5G Security Challenges Do Network Operators Face?

5G has been dubbed “secure by design” by the telecoms industry. A recent ABI Research study echoes this sentiment, with improved security being the top 5G investment driver for manufacturers. While it’s true that 5G networks have superior protection compared to legacy protocols, they are not immune to cyberattacks.

Cyber risks are not just residual; they are also amplified by the very features that make 5G so powerful. The deployment of 5G creates unique challenges that many MNOs are unsuited to solve.

• The Attack Surface Has Expanded: The first issue is that 5G enables more Internet of Things (IoT) devices to be connected to a company network simultaneously. Consequently, threat actors have access to more potential entry points they can exploit. Particularly, Distributed Denial of Service (DDoS) attacks have become a more pressing security issue with the increased number of connected devices and enriched data volumes. In the 5G era, threat actors now have a larger attack surface from which they can hijack a device, with lateral movement through the network enabling a potentially massive impact. This problem is especially prevalent in industrial sectors like oil & gas, where downtime costs hundreds of thousands a day and ransomware payments can be in the millions.
• Increased Complexity in Device Management: Another disadvantage of 5G is that equipment management becomes more concerning with a vast number of devices and device types. 5G security vendors must strongly consider a standardized approach, such as reusable logical isolation, robust gateway structures, and bolt-on hardware solutions. Subscriber Identity Module (SIM)-based solutions, such as remote provisioning, should also be top-of-mind for telco security teams to build comprehensive asset visibility and device management.
• More Sophisticated Attacks: The performance enhancements of 5G, while beneficial for users, also embolden attackers with new capabilities. Hostile actors benefit from the improved bandwidth and reduced latencies of 5G. As a result, they can carry out more sophisticated attacks, including real-time manipulation. This pain point mirrors the growing prevalence of AI-supported attacks. While AI provides significant value for organizations, it can also be used against them by cyber groups with malicious intentions. Network virtualization and network slicing further cascade the 5G security threat as they increase complexity and misconfiguration risks.
• Cybersecurity Skills Shortages: As cyberthreats evolve in sophistication and data privacy becomes a pressing concern for smartphone users, 5G operators demand deeper expertise. But this much-needed expertise has been elusive to the telecoms industry. It is estimated that there are roughly 70% fewer telco security experts available than the industry requires. MNOs widely lack the in-house expertise required to combat emerging 5G threats, which are increasingly present due to “as-a-Service” and geopolitical risks (e.g., Salt Typhoon). It’s challenging enough to find workers with in-depth knowledge of just 5G network architectures alone. Finding someone with expertise in both 5G topology and cybersecurity can be like finding a unicorn.
• Legacy Threats Remain: Complicating matters further, 5G networks rarely operate in isolation. Most deployments must coexist with older generations of connectivity, which carry their own risks. GSMA reports that 85% of operators plan to keep using 2G/3G for the foreseeable future. These hybrid networks will be prone to some familiar cyberthreats, notably attacks on the signaling layer. So just because a company has upgraded to a 5G network does not necessarily mean legacy problems will disappear. Network security vendors must be cognizant of this pain point when developing product portfolios and reaching out to potential customers.

MNOs are dealing with more network exposure as they leverage open APIs, transition to more IT-like infrastructure, and build greater interconnectedness. Therefore, network operators are increasingly outsourcing full-stack cybersecurity to managed service providers. Security tools are often delivered as-a-Service, allowing operators to tap into high-quality security professionals without the need to recruit them. Telcos are also leveraging Gen AI tools to automate threat detection and response in the wake of talent shortages.

Which Solutions Can Maintain 5G Security?

There are several solutions that can help maintain security in 5G networks and meet the National Institute of Standards and Technology (NIST) Cybersecurity Framework. Notable technology solutions include signaling firewalls, XDR platforms, AI-based tools, and security APIs.

5G Signaling Firewalls

The signaling layer of a 5G network, especially NSA deployments combined with legacy connectivity, is prone to signaling storms, spam, ransomware, Denial of Service (DoS) attacks, and other threats. Signaling firewalls significantly reduce fraud rates and eliminate many cyberthreats once deployed, making them a core component of a network security framework. Firewalls ensure that signaling messages from within and outside the network are authenticated, compliant, and safe.

While hardware signaling firewalls remain a key part of the 5G security ecosystem, software-based solutions are gaining prominence. Virtualized, software-based signaling firewalls facilitate quick updates, configurations, and compatibility error fixes. Firewalls represent a sizable opportunity for network security vendors, given that many MNOs have yet to deploy them within their network.

Extended Detection and Response (XDR) Platforms

XDR platforms benefit network operators in three key ways: they centralize threat detection, streamline response, and enhance network visibility. 5G networks generate unprecedented amounts of data, making analysis more difficult for Security Operations Centers (SOCs).

XDR unifies data across multiple layers, including the network, endpoints, and cloud. That way, companies can view all telco security-specific data under a single pane of glass and respond to threats faster.

Large Language Models (LLMs) are often integrated into XDR solutions for generating incident summaries and providing remediation steps. The former use case is important for complying with regulations that require telcos to make a detailed report on the what, how, and why of a breach.

ABI Research forecasts a 6X increase in telco XDR spending between 2023 and 2029, reaching US$570 million annually at the tail end of the decade.

AI & Gen AI Tools

IBM reports that cybersecurity teams that use AI and automation tools experienced a 108-day shorter data breach lifecycle than organizations that do not use these technologies. Additionally, a recent ABI Research survey of 100 telco companies found that 65% of respondents already use Gen AI tools for predictive security. 

Although there are concerns around responsible AI and costly false positives, the telecoms industry widely agrees that AI integration is an essential cybersecurity best practice. Gen AI copilots can identify network threats and make suggestions to remedy said threats.

For the best results, ABI Research posits that AI-based tools should be integrated within a broader XDR solution. For example, Nokia’s Gen AI-powered Threat Response Playbooks prioritize the most urgent security threats detected and provide recommendations to human workers. Tools like this are invaluable for the many network operators lacking the expertise to mitigate sophisticated attacks.

Despite the skills gap that AI can fill for telcos, a qualified human worker must still be involved in the decision-making process. For now, AI and Gen AI tools save significant time for telco security teams and detect anomalies that the naked eye never could. But final remediation procedures fall on the shoulders of cybersecurity experts (learn more in the ABI Research report, The Role of AI in 5G Security).

Figure 1: Framework for Using AI in Telco Security

(Source: ABI Research)

Security APIs

APIs are a prime target for malicious actors trying to breach a cellular network. Case in point, more than a third of Australia’s population had their data compromised in 2022 when telco operator Optus had its API exposed. 5G Core networks are cloud-based and rely on a Service-Based Architecture (SBA), which elevates exposure risks. The development of security APIs is paramount to securing 5G networks.

Telco-specific solutions are designed to thwart data leakage, DoS attacks, cross-slice interference, unauthorized access from social engineering tactics, and other cyberthreats. Vendors like Oracle, Nokia, Red Hat, and F5 are early movers in this space (these vendor profiles are found in the ABI Research report, API Security in 5G Networks).

Working with standardization bodies, such as GSMA’s Open Gateway CAMARA project, is pivotal to ensuring much-needed API interoperability within the complex 5G security landscape. Although security APIs currently constitute a tiny portion of the total network API market, ABI Research forecasts they will be the biggest 5G monetization opportunity through 2028.

5G Security Best Practices That Vendors Should Align With

Connectivity is now viewed as a commodity item among enterprises and consumers. To generate revenue beyond connectivity, telcos are racing to become Digital Service Providers (DSPs) that offer novel applications catered to specific customer segments. 5G security will naturally be impacted by this transformation, requiring MNOs to secure complex network topologies.

In addition to deploying the technology solutions identified in this article, network operators will borrow best practices from traditional IT security professionals, albeit tailored to telco operations. 5G security providers can help customers adopt these best practices by taking the following actions:

• Support CI/CD for Agile Deployments: Continuous Integration/Continuous Deployment (CI/CD) is poised to be the solution to costly, time-consuming compatibility fixes. CI/CD ensures that 5G network operators can swiftly respond to new network threats and their software stacks stay up to date.
• Design Security Products with GitOps in Mind: By employing GitOps, telcos can update software at a single, secure access point. Network security vendors should develop tools that work seamlessly with a GitOps model to prevent insecure workloads from being deployed and ensure that malicious code does not spread within the broader network.
• Build for Zero Trust Architectures: A zero trust model means no network user is trusted by default. Every access request requires verification. This IT security best practice will increasingly be essential for 5G network protection as telcos move away from perimeter security and focus on minimizing internal exposure. To accommodate high-performance environments, network security vendors must provide lightweight, efficient verification and certificate management.

Holistic, Software-Based Solutions Are Tailor-Made for 5G Security

ABI Research sees 5G security solutions becoming increasingly software-driven. While 36% of 5G network security revenue was derived from software in 2024, that number will climb to 44% by 2029.

As pointed out in our report, Securing Private Cellular Networks: Technology & Market Trends, the delivery of as-a-Service tools is taking hold across many markets. Telcos and enterprises will be drawn to managed service pricing models as they lack the in-house skills to maintain security within a complex 5G network. Forward-looking security vendors have recognized this key challenge. They provide holistic solutions that account for threat mitigation across the entire cellular environment. Next-generation firewalls, XDR platforms, AI copilots, and security APIs are core tools in the arsenal.

5G network operators crave simplicity. They are not interested in having to deploy disparate tools from various vendors. Security providers that offer comprehensive solutions with IT security best practices in mind gain a competitive advantage in the telco space. They can maximize Return on Investment (ROI) for telcos and enterprises of all sizes, broadening market reach.

For further insight into the 5G security landscape, read the following articles from ABI Research’s eSIM & SIM Solutions analyst team:

• AI Is Poised for a 5G Security Takeover: How to Embrace It Without Getting Burned
• Security Vendors Shaking up Cloud Security during 5G Transition
• Extended Detection and Response (XDR) Gaining More Prominence in the 5G Security Landscape

Frequently Asked Questions

How secure is 5G?

5G is considered more secure than previous mobile generations and has been called “secure by design.” However, while it strengthens protection for critical applications like robotics or remote surgery, it is not immune to cyberattacks, especially in hybrid deployments that mix 5G with older networks.

What are the 5G security challenges?

Key challenges include a larger attack surface from billions of connected devices, complex device management, and more sophisticated cyberattacks. Skills shortages in the telecom security and lingering vulnerabilities from legacy 2G/3G networks are further 5G security concerns.

What solutions help maintain security in 5G?

Effective 5G security solutions include signaling firewalls, Extended Detection and Response (XDR) platforms, AI/GenAI tools, and security APIs. These tools should be complemented with IT security best practices like zero trust, CI/CD, and GitOps. These solutions help operators reduce risks, automate threat detection, and manage the complexity of 5G networks.