Security Experts:

Bewitched by 4G/LTE? Security Might Break That Spell

What Do 4G/LTE Networks' Entirely New Infrastructure Mean for Security?

By now, we’ve all seen the uncharacteristically techie ads for 4G/LTE phones and services. Even for those of us who don’t know that LTE stands for Long Term Evolution, the 4G postscript reassures us that we are going to get more, better, and faster. After all, the “Gs” have been part of our vernacular and consciousness for a while.

1G brought us the even-in its-own-time, grin-worthy “brick;” and 2G, the enduring clam shell. 3G phones and networks have been all about smartphones and extending voice communications to data and video. And the in-between “Gs” have offered tweaks for call quality and a range of new services.

Benefits of LTE Mobile NetworksBut now, with the bewitching 4G, comes the promise of a near quantum leap rather than just simple improvement. Think downloading and viewing a two-hour movie on your smartphone while riding the bus home—as fast, nay faster, than you can on your home computer. That speeds the essence of the 4G/LTE promise: a multimedia-centric network model and constituent devices that vastly improve the service quality of its predecessors.

That said, does this mean that 4G/LTE networks are based on entirely new infrastructure? Yup, that’s exactly what it means. The cellular or wireless networks of the past were built and optimized for voice communication. Over time, as text and email messages became more popular, the networks—and devices for that matter—were modified to handle the additional traffic.

Today though, multimedia-capable mobile devices are an imperative of every part of our personal and professional lives and we expect them to give us access to everything, everywhere, and in an instant. This type of information urgency has caused the makeup of the wireless network to change to an “all IP” network or one that looks very much like the computer networks we use at work and school. This means that our phones and the entire mobility management infrastructure that makes our iPhone to Android SKYPE calls possible will have IP addresses just like our laptops do on land-based networks today. So the experience of connecting over the wireless or cellular carrier network will be indistinguishable from the one we have over local wifi—what’s not to like about that?

For starters, think about getting a lot more SPAM, since the sources and destinations (i.e., new IPs) will increase by orders of magnitude. This may be a mere nuisance on your hotmail account, but with pay-as-you-use text and data smartphone plans, it could end up costing you serious cash. To boot, there are viruses and botnet infections that are specifically written to make sure your phone is “called” or woken up repeatedly just for the fun of draining the battery. Then, there are the more insidious possibilities that include a critical mass of infected phones that unwittingly participate in denial of service attacks, causing cellular network disruption for legitimate users. Security is also likely to take center stage as smart meters for home, wireless health monitors, and IPTVs join the ranks of 4G connected devices available to us.

But are any of these really unexpected? These are all of the security and service quality challenges that Internet-connected users and network administrators face within terrestrial networks today. So, naturally, the 4G/LTE all IP infrastructure will just extend the attack surface. And while technologies like firewalls, intrusion detection sensors, encryption tools and subscriber protection suites can ameliorate some of the risks, the question now is: What’s available to you from your provider and for your chosen device?

All things considered, 4G/LTE networks are still pretty new—with most of the world’s wireless services carriers only now transitioning. In the U.S., Verizon and Metro PCS offer 4G service. AT&T’s rollout is currently underway and will continue through 2013. If you are planning on making the switch for yourself, your organization, or business, then be sure to ask some questions of your service representative. Understand what steps can be taken to protect device contents and ensure secure connectivity. And know your options for protecting your device—and your wallet—from unwanted connection attempts and gratuitous traffic.

4G is the way of the near-term future (in fact there’s even LTE advanced planning underway) and I for one am giddy about the prospects of catching up on email and my favorite TV shows without a single second of train commute wasted. But for me, it will be an all-security-options-“on” ride.

view counter
Johnnie Konstantas heads Gigamon’s security solutions marketing and business development. With 20+ years in telecommunications, as well as data and cybersecurity, she has done a little bit of everything spanning engineering, product management and marketing for large firms and fledglings. Most recently, she was the VP of Marketing at Dato, a company pioneering large-scale machine learning. She was also VP Marketing at Altor Networks (acquired by Juniper), an early leader in virtualization security and at Varonis Systems. Past roles have included product management and marketing for Check Point, Neoteris, NetScreen and RedSeal Systems. Johnnie started her career at Motorola, designing and implementing large-scale cellular infrastructure. She holds a B.S. in Electrical Engineering from the University of Maryland.