The next wave of cyberattacks will have 5G to thank
At its core, 5G networking technology is associated with incredible speeds, huge amounts of data and interconnectedness on a scale never seen before.
The proliferation of 5G means a huge investment in structurally different network hardware that can support the promise of 5G speed and volume. Then, in addition to the significant costs, the virtualization of traditionally hardware-embedded network features opens up new opportunities for use for malicious participants.
With 5G, the stakes are higher than ever, because 5G will soon become the backbone of critical national infrastructure. A ConsumerLab A study by the information and communication technology (ICT) industry has revealed $ 31.31 billion in addressable consumer revenue that will flow through 5G networks by 2030. Service providers could provide $ 3.7 trillion of that, powered by 5G connectivity, which remains the largest revenue engine.
It has already activated delay-sensitive, industry-critical management systems that run smart grids, smart cities and smart factories. Autonomous systems such as self-driving cars and autopilot avionics also rely on the speed, capacity and reliability of 5G networks. Any disruption to these systems and applications can quickly become fatal – but security often gives way when speed and volume are the driving forces.
Taking a new look at traditional cyber threats
5G differs significantly from its predecessors in that it focuses on software-defined networks (SDNs)), network virtualization, and network function virtualization (NFV). The virtualized network core and radio access networks (RANs) allow cutting the network for segregation and optimal allocation of resources for different types of devices and services. But on the other hand, virtualized network segments are prone to software vulnerabilities that attackers can exploit to go beyond the virtualization layer into the physical layer.
Despite the many benefits, there are also some security risks associated with cutting the network.
Multiple virtual networks and RAN partitions essentially create more entry points for malicious participants. An attacker can compromise a network site to monopolize resources for intensive computing activities such as crypto mining. Such attacks are not only costly, but can also cause insufficient resources for critical services running on other virtual partitions.
The growing number of software components leads to increasingly complex supply chains. Security gaps among suppliers will have a direct impact on the final results of related companies.
In addition, many 5G latency-sensitive applications, such as autonomous vehicles, video surveillance, and the Internet of Things (IoT), use Edge Computing with Multiple Access (MEC). Instead of consolidating in the cloud, data is stored, processed, and analyzed at the edge of the network, closer to the endpoints. Although it allows real-time analysis and decision-making, it also expands the surface of the attack as critical data is distributed across multiple systems.
Of course, the same lightning-fast speeds and low latency that allow real-time communication between machines can also allow attackers to execute extremely fast and powerful distributed denial-of-service (DDoS) attacks. Industrial IoTs, such as crop sensors, medical robots, waste management sensors, and smart water meters, can become a target for widespread disruption and chaos. And when attackers target the availability or integrity of 5G-connected cyber-physical systems, such as robotic telesurgery systems or autonomous vehicles, threats can quickly escalate and become deadly.
Governments and organizations are eager to implement 5G technologies. 5G is sure to become the new standard for broadband cellular networks in the next few years. But the sheer volume and speed of 5G networks combined with the complex infrastructure and high dependence on software create the perfect landscape for the participants in the threat.
Although the government may dictate standards and regulations for protected 5G infrastructure, individual organizations will also be held accountable for potential data breaches – so they must raise their safety bar before threats become incidents.
Given the high stakes, security should be at the forefront of 5G distribution plans. Before organizations can adopt 5G, their organizational processes must be adapted accordingly. Here’s how companies can prepare in advance for the inevitable 5G revolution:
- Conduct risk assessments to identify the use of 5G and risk factors throughout the organization.
- Update your business continuity plans accordingly.
- Carefully review the contractual agreements and establish service level agreements with 5G operators.
- Evaluate supplier security standards and development processes throughout the supply chain.
- Move security controls closer to the edge where data is stored and processed; consider adopting a service edge protection (SASE) model.
This will be uneven driving
Although they are doing everything right, companies must acknowledge that mistakes will inevitably happen. Often, bad actors are the first to discover security gaps in new technologies. But preparation can mitigate the impact of potential attacks. It can allow companies to identify and limit security incidents with minimal monetary and reputational damage. It may take years before cybersecurity stakeholders can really get ahead of the 5G threat landscape. Until then, let’s hope that the main vulnerabilities do not cause irreparable losses.