Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

12/5/2019
12:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

70 Top Hackers from Around the World Gathered in Finland for the 5G Cybersecurity Hackathon

On November 29, top hackers from all over the world gathered to Oulu, Finland to test their skills against 5G and cybersecurity during the weekend. Oulu, located near the Arctic Circle, is known as a global 5G and 6G hotspot and is the home to research and development of top-tier cybersecurity.

The world’s first open 5G Cybersecurity Hackathon gathered 70 cybersecurity specialists from 15 different countries to compete in challenges set by Ericsson, Nokia and Oulu University. The hackathon was arranged by the National Cybersecurity Centre Finland from Finnish Transport and Communications Agency Traficom.

“Cybersecurity is a key pillar of our digital society. Ensuring cybersecurity should be a joint effort between equipment manufacturers, technology users and authorities. To be able to grasp emerging opportunities, it is wise to be one of the first to generate expertise and create a common front to improve 5G cybersecurity. As a national agency, we want to collaborate actively with international technology businesses and leading security professionals to reach our common goal: a reliable and secure digital society,” says Jarkko Saarimäki, Director of the National Cybersecurity Centre Finland at Traficom.

The majority of the hackers had no hands-on experience with 5G networks and appreciated the opportunity to be among the first ones in the world to explore 5G. Themes of the hackathon included improving the cybersecurity in 5G infrastructure and ensuring the information security in digital services used over 5G. The hacker teams dug deep into the cybersecurity aspects and could provide useful insight and point out topics which will add value to development of cybersecurity fundamentals. Everyone benefited from the hackathon learnings and the event was considered to be a success by all parties.

“For us, the key benefit for joining the 5G Cybersecurity Hackathon was to engage with the security community embracing the opportunity of having some of the world’s leading hackers putting their skills at test on our 5G solution. 5G is the most secure communication technology we have seen so far – further improving the security and privacy from the already strong 4G. Having said that, we wanted to expose our 5G technology to the hackers and go ‘all-in’. No critical issues were discovered, but even all the minor findings made during the weekend are already processed by Ericsson security experts and fed back to R&D,” says Mikko Karikytö, Head of Network Security, Ericsson.

“To ensure public trust in 5G, it is important that security is built in from the start and that potential security gaps are identified at an early stage,” explains Niklas Lindroos, Head of Security for Mobile Networks and Global Services at Nokia. “This 5G Hackathon event was a great opportunity to do just that and for the industry to learn about network security. We are pleased that no major security defects were found in our product – a testament to our robust product security processes. However, we did gain unique insight into future attack surfaces and can design the defenses of future products accordingly.”

5G technology will be one of the building blocks of our future digital society all over the world. Transition to the 5G technology will be accompanied by a more significant change than any of the previous generations of mobile communications networks. Ensuring cybersecurity in networks will be crucial for the services provided by the public sector and businesses in the future.

“This was a big learning experience for us all. 5G security promises were not broken, but thanks to the professionals spending their time here, we learned a lot about the network security issues. Also, it is important to utilize the lessons learned from other networks. The university will benefit from the hackathon’s results greatly, and this encourages us to intensify our research efforts. Our 5G network is available for cooperation as well as for real application tests in the future,” says professor Juha Röning from the University of Oulu.

The hackathon will be followed by Leading Edge 5G Forum on February 13th, 2020 in Helsinki, Finland. The event will gather the leading cybersecurity experts and decision-makers from around the world in a single forum. In addition, the findings of the hackathon will be discussed in the forum.

Participants include major technology vendors, EU cybersecurity authorities, top decision-makers and representatives from some of the biggest operators around the world in addition to leading professionals and evangelists in the field of 5G cybersecurity.

Additional information:

Sauli Pahlman, Head of Department, National Cybersecurity Centre Finland at Traficom

Tel. +358 295 390577, sauli.pahlman(at)traficom.fi

More about Traficom:

www.5gcyberhack.fi 

www.traficom.fi/en/

www.kyberturvallisuuskeskus.fi/en/

More about the 5G Test Network in Oulu: https://5gtn.fi/

Information about the Finnish 6G Flagship programhttps://www.oulu.fi/6gflagship/

More about Ericsson´s cybersecurityhttps://www.ericsson.com/en/security

More about Nokia’s cybersecurityhttps://www.nokia.com/networks/portfolio/security/

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15058
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
CVE-2020-15059
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
CVE-2020-15060
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
CVE-2020-15061
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
CVE-2020-15062
PUBLISHED: 2020-08-07
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.