Skip to main content

5G, ransomware and Huawei’s Hail Mary

(Image credit: Image Credit: Flex)

After years of buzz about the coming of 5G, the next-gen technology is finally becoming a reality in small deployments around the world. For many of us, particularly those who spend a lot of time working remotely or while on the move, 5G is expected to be a big step up over 4G, which started rolling out in the UK way back in October of 2012. Who doesn’t want faster download speeds and more reliable coverage? If the hype is to be believed, the road warriors among us will be able to enjoy a nirvana-like work experience that’s just as good as our office-bound peers.

5G won’t solve IT problems

For IT managers, 5G won’t solve the age-old problem – a paucity of visibility and control over devices once they’re taken outside the protection of a corporate network. Not only is it harder to know what’s happening on these devices – regardless of their status as BYOD or COPE – it’s also typically much harder and more time-consuming to help employees when things go wrong.

In the UK we can add Huawei into the mix of security worries. Whether we integrate Huawei into our 5G infrastructure or not, we’ve seen governments (and telcos) around the world grappling with the choice to include or exclude the Chinese company’s products from next-generation networks. Despite being significantly cheaper than solutions offered by rivals Ericsson and Nokia, Huawei has not been able to shake rumours that its products may contain secret back doors, giving the Chinese government access to potentially secret data.

And now there’s a new twist to this Huawei saga. In an extraordinary move, Huawei’s CEO, Ren Zhengfei, recently told reporters that he is willing to sell the company’s 5G technology as a way to quell Western fears. If this actually moves forward, it will allow the purchaser to not only read but also modify the code as it pleases. With its chances of overcoming the Trump administration’s ban waning, the company seems to be pinning its 5G hopes on a Hail Mary move in order to stay relevant in the space.

Legislation isn’t enough

No matter what happens to Huawei, the reality is that cybersecurity threats are a systemic problem that cannot be solved through government legislation alone. It’s in every organisation’s best interest to practice sensible cybersecurity precautions, starting with efforts as simple as implementing password policies that discourage the re-use of personal passwords for work purposes.

Realistically, there’s a far greater and more immediate risk of employees accidentally exposing company data to bad actors by using a compromised hotel or airport Wi-Fi network than there is of allowing Huawei into our 5G networks.

Speaking of those 5G networks, they’re already starting to roll out, at least in some places. EE launched its service in six UK cities, with 10 more expected before the end of this year. Vodafone has lit up fifteen towns and cities so far, while Three and O2 have announced plans to roll out 5G services over the coming months.

The real risks

Putting 5G aside for a moment, I should note that many cyberattacks take place on otherwise trusted networks, via a variety of sophisticated phishing schemes and malware attacks targeting human fallibility. Any company that thinks its employees can safely connect their devices to unprotected public Wi-Fi or cellular network – regardless of whether they’re supported by equipment from a company like Huawei – is incredibly naïve.

Recent ransomware attacks provide the perfect example. Perhaps none more so than the headline-grabbing attacks that hobbled government agencies in Baltimore and cities in Florida. Since then, 23 local governments in Texas were also hacked, bringing many of the agencies’ public services to a grinding halt.

Likewise, here in the U.K. the systems of Eurofins Scientific were crippled by a ransomware attack that targeted its computer files and systems. The lab, which provides vital DNA testing, toxicology analysis and other services to British police agencies, was thrown into chaos by the attack, which delayed legal processes for several weeks.

The common thread in these ransomware attacks is that the organisations have a choice to make – to pay or not to pay. In the case of the two cities in Florida, a ransom totalling more than $1 million in Bitcoin was sent to the hackers, while Eurofins is believed to have paid a hefty ransom to retrieve its files. The goal of the attackers is simple; to cause enough disruption and pain that organisations are strong-armed into paying a ransom.

As this scene plays out all over the world, we’re at the beginning of a disturbing trend. In recent years private companies have beefed up security defences inside the perimeter of their firewall, causing hackers to increasingly turn to a variety of social engineering attacks that effectively hone in on individual employees at government agencies and other organisations that are typically less savvy when it comes to security. Sometimes the attackers are able to take advantage of known operating system (OS) or application vulnerabilities such as those found in Microsoft Windows, Outlook and Word. Even though Microsoft issued updates and warnings about the risks, many devices simply went un-patched.

Increasingly we’re seeing agency employees being targeted by spear phishing attacks that try to trick them into clicking on links that appear genuine or innocent, but then start downloading a small piece of malicious software. Once they gain a toehold, hackers have very sophisticated tools that allow them to go undetected, often waiting for an opportune moment to expand control throughout a network.

Food for thought

What does this all mean? If we look at the big picture we can see that there has been a lot of handwringing over the past year around the potential threat that a company like Huawei poses to the security of our networks. Should we be concerned? Yes. We should absolutely scrutinise the pros and cons of that relationship. But as we look at the evolving threat landscape, I think you’ll agree that we have bigger and more dangerous fish to fry.

Joel Windels, CMO, NetMotion Software