Trends in Technology
As we enter a new decade, there is massive excitement surrounding the emergence of new technologies, specifically 5G and all its boundless capabilities. Make no mistake; 5G technology has got everyone hopping in anticipation as it will usher in a new era with lower latency and faster speeds that will make it possible to host new business applications. Its predecessors, i.e., 3G and 4G, revolutionized cellular technology, but the next-generation 5G is beyond anything that we could have imagined.
Even though there is massive excitement around 5G, tech gurus are sharing their reservations about its capacity to bring about change because 5G security is going to be more complex to manage and poses some risks. The reason behind why 5G poses such elevated security risks is mainly because it will have more vectors through which bad actors can launch crippling attacks. The emergence of 5G technology will have a major impact on a massive number of connected devices, known as the ‘Internet of Things’ (IoT).
It’s no secret that IoT devices are a target for cybercriminals and hackers as they can be taken over to form a botnet that can launch attacks to paralyze networks or perform distributed denial of service (DDoS) attacks. That challenge will be amplified through vertical 5G use-cases like healthcare and connected cars, and this will require industry-specific security requirements. Another problem is that 5G is based on virtual networks, which must be governed by robust protocols themselves.
The real-life risks posed by 5G technology have already been demonstrated, and researchers at Purdue University and the University of Iowa demonstrated 11 vulnerabilities of 5G that could hijack a public paging channel for broadcasting emergency alerts through denial of service (DoS) attacks. The threat posed by 5G security vulnerabilities has created an urgent need for an ecosystem where physical infrastructure providers and mobile operators work together.
The Security Threats of 5G Technology
The most important thing is to acknowledge and address the security challenges posed by 5G technology. Most of the main threats are posed by high-risk industries that are using 5G technology for the first time in mission-critical applications. For instance, 5G technology will enable self-driving cars and smart cities, which is going to see 5G networks underpinning services like traffic control and emergency response.
However, if the 5G networks enabling these technologies are shut off or interfered with, the results are going to be catastrophic. For example, what will happen if cyber-criminals gain access to an army of delivery drones or shut off the water supply for an entire city? The network architecture of 5G will see the impact of failure for the core architecture enhanced tenfold. The current core infrastructure will isolate functionality; so, if a component fails like SMS or mobile data, it will result in partial degradation of services for a network.
Switching Networks Enhances Risks
One of the main security risks is posed by the protocol design for 4G or 3G connections when 5G signals fail or aren’t available. When 5G devices switch to 3G or 4G, it will be exposed to vulnerabilities that haven’t been properly addressed in the previous generations’ protocols.
Switching from 5G to 3G or 4G needs to be seamless, and mobile operators can’t guarantee there won’t be any weaknesses in this process. The 5G supply chain is another challenge that requires addressing, with recent concern centered on the possible threat posed by network equipment manufacturer Huawei, which has the permission from the UK government for installation in certain parts of the national 5G network.
Most experts have reservations that the manufacturers will engineer a ‘backdoor’ that will let it snoop on data. Keeping all these threats in mind, the European Commission has issued a 5G toolbox to ensure that European countries tackle this in a coordinated approach.
Isn’t 5G Going to be More Secure than 3G or 4G?
5G security is a complex task mainly because the threat landscape continues to widen, but that can be tackled if the ecosystem helps address the security challenges. There is no doubt about the higher level of security in 5G technology because of improved encryption.
Simultaneously, we are still in the early stages of 5G architecture, which allows mobile operators to offer visibility of traffic going across networks, so businesses can identify anomalies or find out who is trying to intercept their signals. On the other hand, network slicing allows mobile operators to divide the network effectively for different requirements or use-cases to add security capabilities for 5G. If there is going to be an attack on the public network, for example, a coordinated cyber attack on Vodafone’s network, the sliced environment would be shielded. However, this is yet to be put into practice and, as of now, only a theory.
There is work being done to secure 5G technology, but no one knows who is responsible for this. However, in the early stages, most of the responsibility will fall on the service and vendor ecosystem. Some operators are going to sell 5G services to enterprises, and the emphasis is going to be on network and infrastructure providers to get on the same page and assess all possible risks and benefits.
5G Security Must be a Shared Responsibility
In many ways, 5G has a ‘shared responsibility model,’ similar to one facilitating cloud services. Standard bodies are going to dictate how to implement a secure 5G network architecture, while operators will be responsible for network security. Enterprises are going to be responsible for transporting data across networks, and mobile operators must embrace a continuous risk-based approach for monitoring their networks and services to evolve their security controls around emerging threats.
At the same time, businesses should be aware of the security problems and risks of 5G so they can prepare for their arrival. There’s no denying that 5G is going to provide massive benefits, but there is one thing certain – the technology will require more focus on security.
Percento is a Professional IT Consulting, Implementation and Management firm. To find out how we can help your organization, please contact one of our friendly sales representatives for a review of your system and a comprehensive (No Obligation) proposal of services. Call today toll-free at 800.614-7886 [Austin | Dallas | Houston | League City | Sugar Land | The Woodlands | San Antonio] or email us at firstname.lastname@example.org.