Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

12/5/2019
12:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

70 Top Hackers from Around the World Gathered in Finland for the 5G Cybersecurity Hackathon

On November 29, top hackers from all over the world gathered to Oulu, Finland to test their skills against 5G and cybersecurity during the weekend. Oulu, located near the Arctic Circle, is known as a global 5G and 6G hotspot and is the home to research and development of top-tier cybersecurity.

The world’s first open 5G Cybersecurity Hackathon gathered 70 cybersecurity specialists from 15 different countries to compete in challenges set by Ericsson, Nokia and Oulu University. The hackathon was arranged by the National Cybersecurity Centre Finland from Finnish Transport and Communications Agency Traficom.

“Cybersecurity is a key pillar of our digital society. Ensuring cybersecurity should be a joint effort between equipment manufacturers, technology users and authorities. To be able to grasp emerging opportunities, it is wise to be one of the first to generate expertise and create a common front to improve 5G cybersecurity. As a national agency, we want to collaborate actively with international technology businesses and leading security professionals to reach our common goal: a reliable and secure digital society,” says Jarkko Saarimäki, Director of the National Cybersecurity Centre Finland at Traficom.

The majority of the hackers had no hands-on experience with 5G networks and appreciated the opportunity to be among the first ones in the world to explore 5G. Themes of the hackathon included improving the cybersecurity in 5G infrastructure and ensuring the information security in digital services used over 5G. The hacker teams dug deep into the cybersecurity aspects and could provide useful insight and point out topics which will add value to development of cybersecurity fundamentals. Everyone benefited from the hackathon learnings and the event was considered to be a success by all parties.

“For us, the key benefit for joining the 5G Cybersecurity Hackathon was to engage with the security community embracing the opportunity of having some of the world’s leading hackers putting their skills at test on our 5G solution. 5G is the most secure communication technology we have seen so far – further improving the security and privacy from the already strong 4G. Having said that, we wanted to expose our 5G technology to the hackers and go ‘all-in’. No critical issues were discovered, but even all the minor findings made during the weekend are already processed by Ericsson security experts and fed back to R&D,” says Mikko Karikytö, Head of Network Security, Ericsson.

“To ensure public trust in 5G, it is important that security is built in from the start and that potential security gaps are identified at an early stage,” explains Niklas Lindroos, Head of Security for Mobile Networks and Global Services at Nokia. “This 5G Hackathon event was a great opportunity to do just that and for the industry to learn about network security. We are pleased that no major security defects were found in our product – a testament to our robust product security processes. However, we did gain unique insight into future attack surfaces and can design the defenses of future products accordingly.”

5G technology will be one of the building blocks of our future digital society all over the world. Transition to the 5G technology will be accompanied by a more significant change than any of the previous generations of mobile communications networks. Ensuring cybersecurity in networks will be crucial for the services provided by the public sector and businesses in the future.

“This was a big learning experience for us all. 5G security promises were not broken, but thanks to the professionals spending their time here, we learned a lot about the network security issues. Also, it is important to utilize the lessons learned from other networks. The university will benefit from the hackathon’s results greatly, and this encourages us to intensify our research efforts. Our 5G network is available for cooperation as well as for real application tests in the future,” says professor Juha Röning from the University of Oulu.

The hackathon will be followed by Leading Edge 5G Forum on February 13th, 2020 in Helsinki, Finland. The event will gather the leading cybersecurity experts and decision-makers from around the world in a single forum. In addition, the findings of the hackathon will be discussed in the forum.

Participants include major technology vendors, EU cybersecurity authorities, top decision-makers and representatives from some of the biggest operators around the world in addition to leading professionals and evangelists in the field of 5G cybersecurity.

Additional information:

Sauli Pahlman, Head of Department, National Cybersecurity Centre Finland at Traficom

Tel. +358 295 390577, sauli.pahlman(at)traficom.fi

More about Traficom:

www.5gcyberhack.fi 

www.traficom.fi/en/

www.kyberturvallisuuskeskus.fi/en/

More about the 5G Test Network in Oulu: https://5gtn.fi/

Information about the Finnish 6G Flagship programhttps://www.oulu.fi/6gflagship/

More about Ericsson´s cybersecurityhttps://www.ericsson.com/en/security

More about Nokia’s cybersecurityhttps://www.nokia.com/networks/portfolio/security/

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11619
PUBLISHED: 2020-04-07
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
CVE-2020-11620
PUBLISHED: 2020-04-07
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).
CVE-2020-11509
PUBLISHED: 2020-04-07
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator's browser if the template is used to create a page).
CVE-2020-6647
PUBLISHED: 2020-04-07
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter.
CVE-2020-9286
PUBLISHED: 2020-04-07
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system.