Does Implementation Of 5G Create New Cybersecurity Risks?

The implementation of 5G will allow a greater sensitive data to circulate at high speed on advanced networks for individuals and companies.

5G, or the “fifth generation” of technology standards for mobile networks, is the newest version of all mobile technologies. In 2021, its global proliferation is accelerating.

Implementation of 5G will also be able to accept millions of devices per square kilometer on its network, which will allow to adapt to ever-increasing nomadic uses, such as the autonomous car generalization or remote surgical operations via robots located on the other side of the planet. The real promise of 5G will come in September 2021, with the third phase of the 5G specifications. These are the data centers located a few kilometers from each branch, which will allow operators to process massive amounts of data and set up new applications for businesses.

However, increasing the number of connected devices means that this technology will become a major security issue for governments, people and businesses around the world. Indeed, it also multiplies the entry points number of attacks for cyber criminals.

Cybersecurity landscape in 5G

The use of 5G will bring new security challenges, some of which are due to the network itself, while others are related to the devices connected to 5G. However, both of these security aspects put consumers, governments and businesses at risk.

Network virtualization

In a 5G world, the network infrastructure will shift from hardware-based network to a virtual or software-defined (SDN) network. The implementation of 5G will so generate incredible benefits in terms of performance and diversity of applications thanks to the cloud-based resources, virtualization and network slicing widespread uses.

In the pre-5G generation, networks had physical bottlenecks over which security checks could be performed. In a software-defined network, virtualized network functions (VNFs) operate at the edge of virtual network. With these changes come new security risks that add additional “attack surfaces” to the 5G security architecture, as a single security breach in a certain part of the virtualized network could compromise the security of the entire network.

Heterogeneous communication technologies (LTE, 4G/5G, WiFi)

The lack of end-to-end encryption in the presence of multiple communication technologies 5G/4G and Wi-Fi will help attackers to intercept data. Therefore, 5G must integrate, in its protocol, end-to-end encryption. This creates a communication system where only devices that exchanging information together can read the messages. This technology could really make hacker interceptions more difficult.

Various connected devices

Nowadays, manufacturers do not make cybersecurity a priority for many low-end smart devices. As more and more devices are foreseen to be connected, millions of devices with varying security systems are paving the way for billions of possible intrusion points. Smart TVs, door locks, refrigerators, loudspeakers and even secondary devices, like a thermometer for an aquarium, can be a weak point in the network. Lack of industry security standards for connected devices can lead to network breaches and widespread hacking.

Strain on current security control system

The high communication speed and capacity of 5G will possibly strain current security controls. While current networks are limited in speed and capacity, these restrictions have actually helped operators monitor and respond to security intrusions more quickly. Therefore, the benefits of an extended 5G network could actually compromise cybersecurity. The increase in speed and volume will challenge security teams to develop new methods to stop threats.

Decentralized network

Mesh networks will require rethinking cybersecurity. In fact, with 5G, most traffic will no longer go through a central system. That is to say, each service will be able to create a large number of small independent internet networks. Therefore, this decentralization will create new security challenges as centralized network protection cannot be applied to edge computing.

Short range physical cell towers

The 5G network will require to deploy a high number of short-range physical cell towers. These towers will then become new physical targets that hackers can exploit. In addition, they will have dynamic spectrum sharing (DSS), which allows specific slices of the network to be used for data transmission. This means that each slice can be attacked independently and will also require the dynamic deployment of a cybersecurity solution.

Old unresolved vulnerabilities

5G also inherited som security vulnerabilities from previous mobile technologies. In fact, the main issues already affecting previous generations of mobile technology, such as GSM 4G and LTE, have not been addressed in 5G standards and projects. One of them in particular, namely the ability to intercept so-called pre-authentication messages between the user’s base station and the cell tower, is still part of the 5G specifications, and proposed architectures would allow attackers to intercept unencrypted messages.

Data center

The real revolution of the Implementation Of 5G consists in the deployment of data centers, located just a few kilometers from each branch. These will allow operators to process massive amounts of data as well as set up new applications for businesses. Therefore, the real risk is with personal data protection. With 4G, operators did not store the data. They will now be able to do so with 5G, and consumers should be wary of the security systems in place to protect that data.

Most likely types of attacks and defenses

Cyber ​​security vulnerabilities can give rise to a wide variety of attacks. Here are some known cyber threats that will likely remain prevalent as the 5G network grows.

  • Botnet attacks which allow a network of connected devices, such as puppets, to be controlled in order to launch a massive cyber-attack.
  • Denial of service (DDoS) attacks overload a network or website to take it offline.
  • Man-in-the-Middle (MiTM) attacks discreetly intercept and alter communications between two parties.
  • Location tracking and call interception can by launched by anyone even if they have no expertise in paging protocols.

There are some cyber security practices and techniques consumers should consider to protect their data in the the era of increasing connectivity.

  • Use a Virtual Private Network (VPN) to both prevent the unauthorized access to your data and spy on your online activity.
  • Use strong passwords. Always use passwords when possible and make them extremely strong. The best passwords are made up of long strings of random and varied characters. Include uppercase, lowercase, symbols and numbers.
  • Update the default passwords on all your connected devices.
  • Install an antivirus solution on all your devices.
  • Keep all your connected devices up to date with security patches. This includes your cell phone, computers, all smart home devices, and even your vehicle’s infotainment system. Remember that any device that connects to the Internet, Bluetooth, or other data radio must have all the latest updates (apps, firmware, operating system, etc.)

Conclusion

The implementation of 5G will allow a greater volume of sensitive data to circulate at high speed on advanced networks. However, as with any technology whose security aspects are not firmly established, a breach could have disastrous consequences for individuals and companies.

Despite the improvements made to encryption, authentication and data confidentiality in the recent versions of the Third Generation Partnership Project (3GPP), many of the security pro lems from the 4G era will persist. Once again, good cybersecurity starts with the individual.

Originally published at Electronics 360

Leave a Reply