IoT Security: A Core Priority for Network Operators in the RAN and Edge Era

Telecommunications leaders have spent the last decade exploring a wide array of IoT use cases, highlighting the transformative benefits for businesses, industry sectors, and society at large. Amid this digital revolution, the promise of new revenue streams and operational efficiencies is clear, but so too is the imperative to safeguard these emerging ecosystems.

While much discussion currently centers on deploying IoT services, Robert Winters, Director of TeraVM at Viavi Solutions, urges operators to shift focus toward a more urgent challenge: securing the IoT.

DDoS: A Major Threat, Distributed

Operators are still in the early stages of the IoT deployment lifecycle, with many seeking guidance on security best practices yet not fully implementing them. The escalating damage from distributed denial‑of‑service (DDoS) attacks underscores the critical role that robust network security must play.

A 2018 Akamai report noted a 16% rise in DDoS incidents compared to the previous year, with the largest recorded attack reaching 1.35 Tbps. IoT‑driven DDoS campaigns target the core components of mobile networks, threatening to destabilise or even bring down entire infrastructures. The fallout is widespread—affecting businesses, critical services, and everyday consumers who rely on shared mobile core resources.

One mitigation strategy is to segregate consumer traffic from IoT traffic, employing network slicing to create dedicated pathways for each. An Australian operator has already implemented this approach, carving out a dedicated lane for first‑response teams. Isolating traffic streams simplifies detection and containment of attacks, enhancing overall security posture.

Network slicing is complex and remains in the developmental phase of the broader 5G rollout, but it will become one of several mechanisms available to counter IoT‑based botnet threats.

Taking Testing to the Edge—RAN and Core Alike

The expansion of IoT will be powered by mobile edge computing (MEC), which brings processing and compute closer to end users. This proximity delivers high bandwidth, ultra‑low latency, and real‑time connectivity to the radio network, unlocking new use cases across multiple industries.

Presently, security gateways are typically housed in data centers at the mobile core, where base‑station traffic is processed. As IoT and MEC shift traffic handling to the network edge, security gateways must migrate accordingly. Although the industry has spoken at length about this shift, large‑scale deployment of edge‑based security gateways remains limited.

Operators are increasingly adopting miniature, localized data centers at the edge—effectively small “edge hubs.” These hubs host multiple servers and, consequently, present attractive targets for attackers.

To protect the entire, evolving network architecture, operators need a comprehensive suite of end‑to‑end testing tools that cover performance and security from the radio access network (RAN) through the core, via the mobile edge. Such solutions validate user experience for data applications while ensuring that security controls are robust and effective.

Scalable, Virtual, Flexible Testing

As IoT endpoints proliferate, the risk of malicious infiltration rises. Many IoT applications are still in beta, yet operators cannot afford to wait. Their networks must be ready to accommodate a vast array of devices, protect end users, and safeguard their own business interests.

The most effective strategy is virtualized network stress‑testing. By emulating real‑world scenarios—including millions of IoT devices across connectivity standards such as NB‑IoT, CAT‑M, and LPWAN—operators can anticipate and mitigate potential vulnerabilities.

Virtual labs allow operators to plan for an inevitable IoT‑rich future, identify infrastructure issues ahead of time, and position their networks to monetize IoT services confidently. Because testing occurs in a virtual environment, operators can scale to test anywhere from a few hundred devices to millions, without incurring the logistical or financial burdens of physical deployments. Multiple traffic types can be simulated concurrently, preparing infrastructure for overload scenarios similar to those seen in DDoS attacks.

Operators must act now to confront the IoT security threat, or they risk compromising services, damaging reputations, and stalling the broader adoption of IoT technologies.

Author: Robert Winters, TeraVM Director at Viavi Solutions.