Ever since the first generation of mobile data was launched thirty years ago, each new upgrade has been hailed – or at least been marketed – as a revolutionary step forward. However, in reality, all the way up to 4G, the networks’ bare bones have pretty much stayed the same, just replaced with newer hardware.
5G is a true revolution in that it replaces hardware with software, and does so permanently, such that all future upgrades will no longer involve building and physically installing new network infrastructure but will instead require digitally installing the latest software – rather like downloading the newest operating system on a mobile phone.
The cyber security risks associated with 5G stem from this basic fact in that there is more for hostile agents to attack, as there is now much more software being used in the network core compared to hardware. While networks previously contained many so-called ‘choke points’ – hardware components that have the potential to halt malicious cyber-attacks which can otherwise run rampant – many have been removed from the system altogether and replaced with software.
The risks this poses were first identified by governments that chose to remove Huawei from their 5G cores. Their specific concern was the potential for an intentional vulnerability introduced by a foreign government. As a result, we are now seeing a move away from reliance on single providers, as was typically the case for 4G cores, with greater moves toward Open-Network Cores and multivendor cores, but even these do not remove all vulnerabilities, and individuals and business still face some considerable risks.
Availability compromise is one key area of risk, where an attack takes a network offline and results in lost connectivity and significant disruption for businesses. Governments have a particular reason to fear availability compromise, as if deliberately targeted at key energy or defense infrastructure, it could have significant implications on national security. The only way to really protect against this is to use multiple vendors, including several different 5G networks or non-overlapping technologies such as a fixed line backup or a private local 5G network.
Another key area of risk is data compromise, which is perhaps the most significant potential problem. There is the possibility that third parties can unlawfully access a device on a 5G network, meaning that the data stored or being collected by the device is put at risk of theft or destruction. Let’s take CCTV devices as an example - these are used by many organizations and they collect vast amounts of sensitive and personal data. It would pose a severe risk to people’s rights and freedoms if such devices were ever compromised, and the organization in question may be liable under current UK data protection regulations.
The need for speed
Ironically, speed also introduces its own risks. 5G is extremely fast, as networks love to remind us, but this also means that stealing the data from a compromised device will take a bad actor far less time. Often a sign that a compromise has taken place is conspicuously high network traffic, something that is arguably less likely to be noticed in a truly high-speed, high-volume network. With 5G, a perpetrator may have access to data before any monitoring notices.
The Internet of Things
One common claim about 5G is that its speed will unlock the “full potential” of the Internet of Things (IoT), and usher in “a new era” of integrated objects; each device will connect with others in the network faster, and coverage will be more consistent which is ideal for devices which collect data in real time such as the example of CCTV. 5G also uses a different frequency to communicate than 4G devices, which is said to be less impacted by physical barriers like walls, so it may prove something of a catalyst for the development of the ‘smart home’ or ‘smart office.’
However, increasing the number of online and integrated objects in a single network naturally increases the potential vulnerabilities, as unauthorized users now have far more points of potential entry into the network. In addition, the types of devices are becoming more diverse. It’s not just computers and smartphones but a whole host of connected objects – from smart bulbs to security systems to wearable devices – that can now be integrated into the same system, and the challenge of ensuring they are all cyber secure grows more complex and time consuming. Some of the less sophisticated objects such as smart bulbs or wireless charging points – which are nonetheless fully integrated into the network – may also give fewer indications when a cyber-attack is taking place compared to a PC, which could impact the responsiveness of those responsible for securing the network.
As 5G expands, so too will the attack surface, and businesses will need to change their mindset when it comes to cybersecurity, in order to adapt. The reality is that devices, particularly mobile phones, which were not previously thought to need such protections, will require firewalls, and will need to be managed as if they were devices on the public internet.
For network providers themselves, opportunities exist to address the challenges which need to be faced. The commoditization of networks where connectivity is often considered all the same is reversed by 5G. Security built into the network layers itself, such as malware blocking at network level, can increasingly be used to digitally differentiate network providers.
Providers can – and likely should – focus on offering and selling added value products which can assist companies to manage the risks involved in the adoption of 5G, such as in-built malware or adware blocks or analysis tools to determine where data is coming from and going to. Taken together, such premium services to protect devices and endpoints will be something on which providers can truly differentiate themselves, and will be of real appeal to CTOs, CIOs and risk managers within organizations keen minimize the risk of compromise.
Gregg Knowles, Technology Director, Plan.com