Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

12/5/2019
12:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

70 Top Hackers from Around the World Gathered in Finland for the 5G Cybersecurity Hackathon

On November 29, top hackers from all over the world gathered to Oulu, Finland to test their skills against 5G and cybersecurity during the weekend. Oulu, located near the Arctic Circle, is known as a global 5G and 6G hotspot and is the home to research and development of top-tier cybersecurity.

The world’s first open 5G Cybersecurity Hackathon gathered 70 cybersecurity specialists from 15 different countries to compete in challenges set by Ericsson, Nokia and Oulu University. The hackathon was arranged by the National Cybersecurity Centre Finland from Finnish Transport and Communications Agency Traficom.

“Cybersecurity is a key pillar of our digital society. Ensuring cybersecurity should be a joint effort between equipment manufacturers, technology users and authorities. To be able to grasp emerging opportunities, it is wise to be one of the first to generate expertise and create a common front to improve 5G cybersecurity. As a national agency, we want to collaborate actively with international technology businesses and leading security professionals to reach our common goal: a reliable and secure digital society,” says Jarkko Saarimäki, Director of the National Cybersecurity Centre Finland at Traficom.

The majority of the hackers had no hands-on experience with 5G networks and appreciated the opportunity to be among the first ones in the world to explore 5G. Themes of the hackathon included improving the cybersecurity in 5G infrastructure and ensuring the information security in digital services used over 5G. The hacker teams dug deep into the cybersecurity aspects and could provide useful insight and point out topics which will add value to development of cybersecurity fundamentals. Everyone benefited from the hackathon learnings and the event was considered to be a success by all parties.

“For us, the key benefit for joining the 5G Cybersecurity Hackathon was to engage with the security community embracing the opportunity of having some of the world’s leading hackers putting their skills at test on our 5G solution. 5G is the most secure communication technology we have seen so far – further improving the security and privacy from the already strong 4G. Having said that, we wanted to expose our 5G technology to the hackers and go ‘all-in’. No critical issues were discovered, but even all the minor findings made during the weekend are already processed by Ericsson security experts and fed back to R&D,” says Mikko Karikytö, Head of Network Security, Ericsson.

“To ensure public trust in 5G, it is important that security is built in from the start and that potential security gaps are identified at an early stage,” explains Niklas Lindroos, Head of Security for Mobile Networks and Global Services at Nokia. “This 5G Hackathon event was a great opportunity to do just that and for the industry to learn about network security. We are pleased that no major security defects were found in our product – a testament to our robust product security processes. However, we did gain unique insight into future attack surfaces and can design the defenses of future products accordingly.”

5G technology will be one of the building blocks of our future digital society all over the world. Transition to the 5G technology will be accompanied by a more significant change than any of the previous generations of mobile communications networks. Ensuring cybersecurity in networks will be crucial for the services provided by the public sector and businesses in the future.

“This was a big learning experience for us all. 5G security promises were not broken, but thanks to the professionals spending their time here, we learned a lot about the network security issues. Also, it is important to utilize the lessons learned from other networks. The university will benefit from the hackathon’s results greatly, and this encourages us to intensify our research efforts. Our 5G network is available for cooperation as well as for real application tests in the future,” says professor Juha Röning from the University of Oulu.

The hackathon will be followed by Leading Edge 5G Forum on February 13th, 2020 in Helsinki, Finland. The event will gather the leading cybersecurity experts and decision-makers from around the world in a single forum. In addition, the findings of the hackathon will be discussed in the forum.

Participants include major technology vendors, EU cybersecurity authorities, top decision-makers and representatives from some of the biggest operators around the world in addition to leading professionals and evangelists in the field of 5G cybersecurity.

Additional information:

Sauli Pahlman, Head of Department, National Cybersecurity Centre Finland at Traficom

Tel. +358 295 390577, sauli.pahlman(at)traficom.fi

More about Traficom:

www.5gcyberhack.fi 

www.traficom.fi/en/

www.kyberturvallisuuskeskus.fi/en/

More about the 5G Test Network in Oulu: https://5gtn.fi/

Information about the Finnish 6G Flagship programhttps://www.oulu.fi/6gflagship/

More about Ericsson´s cybersecurityhttps://www.ericsson.com/en/security

More about Nokia’s cybersecurityhttps://www.nokia.com/networks/portfolio/security/

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-2322
PUBLISHED: 2021-06-23
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 ...
CVE-2021-20019
PUBLISHED: 2021-06-23
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVE-2021-21809
PUBLISHED: 2021-06-23
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
CVE-2021-34067
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
CVE-2021-34068
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.