Skip to main content

The 5G saga: a review of the UK’s 5G readiness in 2019

(Image credit: Dmitry Kurbatov)

The race for 5G kicked off this year as major UK operators such as EE, Vodaphone, Three & O2 rolled out their network in a bid to offer their users more coverage and faster connections. Not only this, the relentless push to better secure the network was top of the agenda for governments, with conversations circulating over supplier diversity and Huawei. So, with lots to consider, we bring you up-to-speed and look ahead to 2020. 

Where are we now? 

"According to our research, majority of operators have gone down the road to creating a 5G network based on an existing LTE network core. Having LTE networks act as the building blocks to create 5G networks will mean it will not be immune from the same vulnerabilities."

Dmitry Kurbatov

Sadly, the UK has not been at the races for some time when it comes to mobile coverage. In fact, it is still struggling to cope with the demands of 4G. An August report by consumer watchdog Which revealed that 80% of the UK’s parliamentary constituencies are yet to have complete 4G coverage from all four major operators – EE, O2, Vodafone and Three. 7% of constituencies are yet to be served by any. In response, the government in October, introduced a £1 billion deal to improve coverage in rural areas through shared operator services. 

These coverage delays have created an unwelcome distraction when it comes to 5G deployment. According to our research, majority of operators have gone down the road to creating a 5G network based on an existing LTE network core. Having LTE networks act as the building blocks to create 5G networks will mean it will not be immune from the same vulnerabilities.

‘Flagship’ launches by operators such as that by EE in May have subsequently failed to hit the mark, leaving consumers underwhelmed. According to research by Repeater Store, the public remain unconvinced about 5G’s benefits. Current download speed tests are only 4-5 times faster, which is unlikely to dislodge this belief (see BBC field tests). And this lack of consumer pull could have a more disconcerting outcome if it allows the government wriggle room to dither in its implementation. 

Huawei conversation a distraction 

If you are wondering how this could have happened, then look no further than the controversy surrounding the use of Huawei’s infrastructure. Despite having superior manufacturing capabilities (as reported by CNBC), and the UK’s 4G networks being built on Huawei, there is a lot of security questions around the provider’s products and equipment. 

The underlying security concerns has led much of Europe to remain undecided about Huawei. Yet it must be stressed that not every country has followed the US's hard-line approach. Most recently, after much deliberation the UK decided to open its doors to Huawei, along with other European countries including Germany and Hungary. Their rationale is far more pragmatic. They realise just how crucial it is to be at the forefront of what is expected to be the fourth ‘industrial revolution’. 

They also realise that Huawei’s capabilities in being able to rollout the infrastructure at scale that goes way beyond any of the other available suppliers. The reality is that Huawei is already embedded into the 5G ecosystem, mainly because many mobile network operators have already purchased or ordered Huawei technology. 

This issue can’t be solved with a solution as idealistically simple as just swapping it for an alternative vendor immediately. There is also the additional cost of delaying deployments, as companies had already tested 5G equipment, chosen Huawei, and were ready to buy. If Huawei is taken away as an option, this whole process - including testing - would have to be started all over again. Ultimately any country that does that is facing a more expensive network and a delay that could result on its national infrastructure being inferior compared to other countries.

China leads the race 

China is only beginning to show the prowess of its accelerated rollout. In November, three of its commercial operators began to offer commercial services in the world’s biggest market. In fact, Qualcomm’s predicts that by the end of 2020, there will be 1m 5G base stations in China — 10 times that of any US operator's network.

And the reality is that China is already moving on from 5G - The superpower has already deployed significant resources to develop 6G. According to Quartz, it has deployed a team of government experts alongside 37 experts from universities, science institutions and corporations. In other words, some of the brightest minds from the country are already working on it. At a time when it is inconceivable for most to understand the impact of 5G, it's hard to fathom what yet another change would make.  

Security should lay the foundations 

"Perhaps the most significant take away was the emphasis that a decision either way about Huawei’s infrastructure was unlikely to solve the greatest security risks. Instead, it is the infrastructure in its entirety that leaves the UK at risk, as well as the processes put in place to secure it."

Dmitry Kurbatov.

With all this in mind, one question remains. Is there an opportunity for the UK to get back on track? Answering this question requires an objective look at the technical issues delaying rollout, particularly from a security perspective.

In doing so, it must be stressed that it is not all doom and gloom. 5G is, after all, a step up from 4G. And for good reason. As well as its speed improvements, it will also herald a new generation of connected devices and this brings improvements - as well as vulnerabilities - when it comes to security. These can be simplified to the ability to spot threats using its enhanced directionality, as well as the ability to compartmentalise risks through network slicing. In other words, directionality will make it easier to pinpoint where an attacker is when they attack. Network slicing will mean that attacks will be restricted to individual slices of the network (see our report). 

Of course, the concerns surrounding vulnerabilities also have merit. In July, the Department for Digital, Culture, Media and Sport published its Telecoms Supply Chain Review, which evaluated the resilience of the UK’s telecoms networks. There were clear areas for improvement, including strengthening regulation and policy, as well as diversifying the supply chain. Yet perhaps the most significant take away was the emphasis that a decision either way about Huawei’s infrastructure was unlikely to solve the greatest security risks. Instead, it is the infrastructure in its entirety that leaves the UK at risk, as well as the processes put in place to secure it. 

The UK has a track record for being slow at securing its networks. As long ago as 2013, the government’s Intelligence and Security Committee (ISC) noted that OpenReach’s deployment of Huawei’s infrastructure could have implications for National Security (see ISP Preview) It’s just that the UK considers security as an end process as opposed to throughout it. To use a simple analogy, if you build a house and choose to leave the back door unlocked then it doesn’t matter who made the door or the lock. If you then consider 5G as the most complex house with thousands of doors, you can get a clearer picture of the risks involved. Clearly, the government must prioritise the process as much as any of the infrastructure choices that it makes.  

A cautious optimism 

So, we look forward to 2020 with a tempered excitement. On one level, there is no doubt that 5G becoming commonplace across the world will accelerate change. On another, it remains to be seen whether the UK will be able to fully capitalise at a time when the stakes couldn't be higher. 

Dmitry Kurbatov holds a degree in information security of telecommunications systems from Moscow Technological University (MIREA). He worked as a network engineer for system integrators from 2006 and joined Joined Positive Technologies in 2010.  After developing an automated security analysis system, he switched to telecom security, researching a range of vulnerabilities in network equipment, including errors in data transfer network design, protection of signalling protocols (SS7, Diameter, GTP), through to IoT security. Since 2014, he has been Director of Telecom Security at Positive Technologies.