* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [Service Providers](https://www.paloaltonetworks.com.au/blog/category/service-providers/)
* MNOs Want Better Security...

# MNOs Want Better Security: Achieving Threat Prevention in a Hyper-Connected 5G Environment

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F06%2Fsp-mnos-want-better-security-achieving-threat-prevention-hyper-connected-5g-environment%2F)  
[](https://twitter.com/share?text=MNOs+Want+Better+Security%3A+Achieving+Threat+Prevention+in+a+Hyper-Connected+5G+Environment&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F06%2Fsp-mnos-want-better-security-achieving-threat-prevention-hyper-connected-5g-environment%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2017%2F06%2Fsp-mnos-want-better-security-achieving-threat-prevention-hyper-connected-5g-environment%2F&title=MNOs+Want+Better+Security%3A+Achieving+Threat+Prevention+in+a+Hyper-Connected+5G+Environment&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2017/06/sp-mnos-want-better-security-achieving-threat-prevention-hyper-connected-5g-environment/&ts=markdown)  
\[\](mailto:?subject=MNOs Want Better Security: Achieving Threat Prevention in a Hyper-Connected 5G Environment)  
Link copied  
By [Galina Pildush](https://www.paloaltonetworks.com/blog/author/galina/?ts=markdown "Posts by Galina Pildush")  
Jun 19, 2017  
4 minutes  
[Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)  
[5G](https://www.paloaltonetworks.com/blog/tag/5g/?ts=markdown)  
[MNO](https://www.paloaltonetworks.com/blog/tag/mno/?ts=markdown)  
[mobile network operators](https://www.paloaltonetworks.com/blog/tag/mobile-network-operators/?ts=markdown)  
[Mobility](https://www.paloaltonetworks.com/blog/tag/mobility/?ts=markdown)

Only a few years ago, the world was buzzing with the term "4G." While many mobile network operators (MNOs) are still rolling out their 4G infrastructures, the world is already buzzing about "5G." Year 2020 is the suggested timeline for when MNOs are predicting to be ready for 5G. Development is already in the works with [IETF](https://tools.ietf.org/html/draft-xyx-5gip-ps-00), [3GPP](http://www.3gpp.org/), [5G-PPP](https://5g-ppp.eu/), [ETSI](http://www.etsi.org/) and [NGMN](https://www.ngmn.org/home.html), to name a few. Many government bodies, such as the [European Union](https://ec.europa.eu/digital-single-market/en/5g-europe-action-plan), are funding 5G rollouts pre-2020 using pre-standard technologies.

But what's in it for an average user to be hyper-excited about hyper-connected 5G? How do MNOs view 5G? What are the security challenges that MNOs will need to face with a 5G rollout?

From an average user's perspective, 5G will bring ultra-low latency, high speeds reaching up to 10Gb/s per user equipment and richness of services on-demand, as well as ultra-high availability, reliability, and interconnectivity with everyone and everything through connected devices, nowadays commonly referred to as the internet of things (IoT).

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5g_1.png)  
[![5g\_1](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5g_1.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5g_1.png)

*Source: [5G Vision, 5G-PPP](https://5g-ppp.eu/wp-content/uploads/2015/02/5G-Vision-Brochure-v1.pdf)*

For MNOs, 5G implies the introduction of new service models; deep technical modifications in radio and optical technologies; network infrastructures transformations to software-defined networks (SDNs) and network functions virtualization (NFV); and unprecedented demand for preventive security.

Nowadays, MNOs are quickly realizing large gaps in their security posture, even within their 4G infrastructures -- no longer can security be treated as an afterthought. Security needs to be part of overall infrastructure design from its outset; instead of asking, "How much would it cost to have security?" we need to ask, "How much will it cost if there is inadequate security?"

Think of the recent massive WanaCrypt0r ransomware attack (You can read about [Palo Alto Networks protections against WanaCrypt0r](https://www.paloaltonetworks.com/blog/2017/05/palo-alto-networks-protections-wanacrypt0r-attacks/), and see a [detailed breakdown](https://www.paloaltonetworks.com/blog/2017/05/unit42-threat-brief-wanacrypt0r-know/) by our Unit 42 threat research team). The attack hit many organizations globally, including quite a few MNOs. What is the price tag to bridge that security gap? Could the attack have been prevented? Think further ... what is the price tag associated with signaling attacks, such as S1-AP paging floods, Diameter 3GPP Update Location Request (ULR) and Authentication Information Request (AIR) floods, or GTP Control plane floods? Just imagine billions of zombie devices requesting to be attached at the same time, as instructed.

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5G_2.png)  
[![5g\_2](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5G_2.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/5G_2.png)

MMEs/vMMEs and HSSs/vHSSs simply cannot sustain such "misbehavior," and die. That forces MNOs to overprovision their 4G -- and soon 5G -- infrastructures. What is the price associated with that? In addition to "killing" a few core elements, zombie IoT devices' batteries won't last long, breaking the desired IoT protocol's behavior, targeting to preserve device battery life ... well, as more infected devices get robotized, killing battery life becomes an extra bonus of the hacking exercise, doesn't it?

One might think that positioning crypto on S1-MME and S6a interfaces would be good enough to provide signaling plane protection on those interfaces. Is it really? IPsec is the right approach to deploy for transport security. One of the interesting side-effects of IPsec is that it ensures everything is sent securely, including malware, signaling storms and other "interesting" things.

Sure enough, 5G's hope is to deploy SDN- and NFV-based technologies, where MNOs will be striving to reduce their CAPEX. Using the example of signaling storms, we need to question how easy will it be for MNOs to achieve that goal if proper security measurements are not implemented. Taking control of IoT, connected cars, compromised e-health and compromised infrastructures will result in zero connectivity to the "hyper-connected" world.

Stay tuned for more! In the next blog, I'll address preventive measures for hyper-connected 5G world to remain connected. For more imformation, download the white paper, [The Need for a Network-Based Platform Approach in Mobile Networks](https://www.paloaltonetworks.com/resources/whitepapers/need-for-next-generation-platform-approach-mobile-networks).

*** ** * ** ***

## Related Blogs

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### The Right Approach to Securing 5G](https://www.paloaltonetworks.com.au/blog/2020/05/network-securing-5g/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Prevent Bad Signals From Harming Network Availability](https://www.paloaltonetworks.com.au/blog/2018/02/sp-prevent-bad-signals-harming-network-availability/)

### [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Look What's Riding Your Network](https://www.paloaltonetworks.com.au/blog/2018/02/look-whats-riding-network/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Raising the Bar for Mobile Network Security](https://www.paloaltonetworks.com.au/blog/2018/02/sp-raising-bar-mobile-network-security/)

### [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Automate Visibility and Harness the Power](https://www.paloaltonetworks.com.au/blog/2017/11/sp-automate-visibility-harness-power/)

### [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Let's Prevent 5G "Boundless Connectivity" From Providing "Boundless Opportunity" for Cybercriminals](https://www.paloaltonetworks.com.au/blog/2017/07/sp-lets-prevent-5g-boundless-connectivity-providing-boundless-opportunity-cybercriminals/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language