Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

12/5/2019
12:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

70 Top Hackers from Around the World Gathered in Finland for the 5G Cybersecurity Hackathon

On November 29, top hackers from all over the world gathered to Oulu, Finland to test their skills against 5G and cybersecurity during the weekend. Oulu, located near the Arctic Circle, is known as a global 5G and 6G hotspot and is the home to research and development of top-tier cybersecurity.

The world’s first open 5G Cybersecurity Hackathon gathered 70 cybersecurity specialists from 15 different countries to compete in challenges set by Ericsson, Nokia and Oulu University. The hackathon was arranged by the National Cybersecurity Centre Finland from Finnish Transport and Communications Agency Traficom.

“Cybersecurity is a key pillar of our digital society. Ensuring cybersecurity should be a joint effort between equipment manufacturers, technology users and authorities. To be able to grasp emerging opportunities, it is wise to be one of the first to generate expertise and create a common front to improve 5G cybersecurity. As a national agency, we want to collaborate actively with international technology businesses and leading security professionals to reach our common goal: a reliable and secure digital society,” says Jarkko Saarimäki, Director of the National Cybersecurity Centre Finland at Traficom.

The majority of the hackers had no hands-on experience with 5G networks and appreciated the opportunity to be among the first ones in the world to explore 5G. Themes of the hackathon included improving the cybersecurity in 5G infrastructure and ensuring the information security in digital services used over 5G. The hacker teams dug deep into the cybersecurity aspects and could provide useful insight and point out topics which will add value to development of cybersecurity fundamentals. Everyone benefited from the hackathon learnings and the event was considered to be a success by all parties.

“For us, the key benefit for joining the 5G Cybersecurity Hackathon was to engage with the security community embracing the opportunity of having some of the world’s leading hackers putting their skills at test on our 5G solution. 5G is the most secure communication technology we have seen so far – further improving the security and privacy from the already strong 4G. Having said that, we wanted to expose our 5G technology to the hackers and go ‘all-in’. No critical issues were discovered, but even all the minor findings made during the weekend are already processed by Ericsson security experts and fed back to R&D,” says Mikko Karikytö, Head of Network Security, Ericsson.

“To ensure public trust in 5G, it is important that security is built in from the start and that potential security gaps are identified at an early stage,” explains Niklas Lindroos, Head of Security for Mobile Networks and Global Services at Nokia. “This 5G Hackathon event was a great opportunity to do just that and for the industry to learn about network security. We are pleased that no major security defects were found in our product – a testament to our robust product security processes. However, we did gain unique insight into future attack surfaces and can design the defenses of future products accordingly.”

5G technology will be one of the building blocks of our future digital society all over the world. Transition to the 5G technology will be accompanied by a more significant change than any of the previous generations of mobile communications networks. Ensuring cybersecurity in networks will be crucial for the services provided by the public sector and businesses in the future.

“This was a big learning experience for us all. 5G security promises were not broken, but thanks to the professionals spending their time here, we learned a lot about the network security issues. Also, it is important to utilize the lessons learned from other networks. The university will benefit from the hackathon’s results greatly, and this encourages us to intensify our research efforts. Our 5G network is available for cooperation as well as for real application tests in the future,” says professor Juha Röning from the University of Oulu.

The hackathon will be followed by Leading Edge 5G Forum on February 13th, 2020 in Helsinki, Finland. The event will gather the leading cybersecurity experts and decision-makers from around the world in a single forum. In addition, the findings of the hackathon will be discussed in the forum.

Participants include major technology vendors, EU cybersecurity authorities, top decision-makers and representatives from some of the biggest operators around the world in addition to leading professionals and evangelists in the field of 5G cybersecurity.

Additional information:

Sauli Pahlman, Head of Department, National Cybersecurity Centre Finland at Traficom

Tel. +358 295 390577, sauli.pahlman(at)traficom.fi

More about Traficom:

www.5gcyberhack.fi 

www.traficom.fi/en/

www.kyberturvallisuuskeskus.fi/en/

More about the 5G Test Network in Oulu: https://5gtn.fi/

Information about the Finnish 6G Flagship programhttps://www.oulu.fi/6gflagship/

More about Ericsson´s cybersecurityhttps://www.ericsson.com/en/security

More about Nokia’s cybersecurityhttps://www.nokia.com/networks/portfolio/security/

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.