Key Takeaways
5G provides faster and more reliable network connections by combining several improvements to the underlying technology of wireless networking.
5G complicates the security of a network through open source software, virtualization, soft IoT endpoints, and an increased bandwidth to monitor.
Organizations can better defend their 5G networks with AI-enabled threat monitoring systems, “security by design” software development, and investing in endpoint security.
As our world becomes increasingly virtual, fast and reliable network connections have never been more critical. Businesses and consumers expect a fully connected experience in all aspects of their lives and are eagerly accepting 5G’s faster data speeds, lower latency, and increased connectivity.
5G has promised to enable large-scale connections and capabilities that can pave the way for smart cities, remote surgery, autonomous vehicles, and other emerging technologies. And while it’s likely at least ten years away, some major carriers are already researching 6G, a next generation network that promises to bring even faster speeds, lower latency, and more bandwidth to instantly deliver information across decentralized, autonomous networks.
Mobile network providers are rushing to implement 5G, which is proving to be an extremely difficult and expensive process; however, the tougher part of the 5G “race” is to retool how we secure this new network and the ecosystem of devices and applications that connect to it.
What is 5G?
5G is a shorthand term that stands for the fifth generation of wireless cellular networks. 5G is not a single invention, but a combination of multiple underlying technologies that help to connect virtually everyone and everything together, including machines and devices.
Here are the main components of 5G (they require some basic knowledge of wireless networking to understand, but even if you don’t have that background you can learn a lot from reading the linked articles):
Using new signal spectrums to support more devices
Reducing power use via energy-efficient technology
Increasing spectrum efficiency with fancy modulation; it's possible to achieve 10 bits/Hz (we have basically reached the upper bound on bits/s (Shannon Theorem))
Going to a high-frequency range. E.g., 5G millimeter wave at 28 GHz and higher
Deploying multiple antennas. MIMO and beamforming are enabled by signal processing
Utilizing ultra-dense cells (dynamic antenna sector selection)
Why is 5G more vulnerable to cybersecurity threats?
5G and 6G networks will have a significantly larger attack surface than their predecessors, thanks to innovations in IoT, virtualized networks, and open source technologies. Their software-defined nature brings about various new security concerns that could lead to theft of sensitive data, disruptions of connected devices, and attacks on the network itself at an unprecedented scale.
Decentralization
The network has moved away from centralized, hardware-based switching to distributed, software-defined digital routing. Previous networks were hub-and-spoke designs in which everything came to hardware choke points where cyber hygiene could be practiced. In the 5G software defined network, however, that activity is pushed outward to a web of digital routers throughout the network, thus denying the potential for choke point inspection and control.
Virtualization
A key innovation of 5G and 6G networks is the virtualization of network functions previously performed by hardware. While this helps companies manage, monitor, and optimize networks more effectively, it also makes them more susceptible to attacks. If threat actors gain control of the software that manages the networks, they can identify and exploit vulnerabilities in a variety of ways — from wrongful access, to Distributed Denial of Service, to malware.
More Bandwidth
More bandwidth will strain current security monitoring. While existing networks are limited in speed and capacity, this has helped providers monitor security in real-time. So, the benefits of an expanded 5G network might hurt cybersecurity. The added speed and volume will challenge security teams to create new methods for stopping threats.
Open Source
5G and future 6G networks will be built with open-source software and standards, allowing for faster and more frequent implementations and, in turn, a broader attack surface. Open source’s increased transparency means that anyone, including cybercriminals, will be able to inspect the code to identify and exploit vulnerabilities. On the other hand, increased code visibility enables a much larger community of developers to identify, patch, and update vulnerabilities.
5G’s Connection with IoT
5G is seen as the enabler for large and efficient IoT networks. An IoT network can include tens of billions of smart devices — and each one is a potential gateway to (or target of) cyber-attacks. Once one device is hacked, it’s possible an attacker could potentially misuse that device and move laterally through the network, accessing sensitive records, intellectual property, and other connected devices. In July, for instance, Microsoft reported that Russian hackers had penetrated run-of-the-mill IoT devices to gain access to networks. From there, hackers discovered further insecure IoT devices into which they could plant exploitation software.
A 2020 Cybersecurity Insiders survey revealed that 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, with the top three issues being malware (78%), insecure network and remote access (61%), and compromised credentials (58%).
New Best Practices
All of the new challenges that come with 5G warrant a new approach to securing a network. To prepare for and prevent attacks on virtualized networks, businesses must embrace “security by design” and build security into each phase of the software development lifecycle. Software-defined cyber protections must be dynamic, with automated responses that stay ahead of equally active threats. As IoT accelerates in a 5G- or 6G-enabled world, businesses must invest in security initiatives to protect all entry points. Because of the use of open source software, businesses need to operationalize how they will manage and act on vulnerabilities and patches flagged by the open-source community. Lastly, increased bandwidth has made the use of AI in threat detection a must as legacy techniques cannot keep up.
If you are looking for more on how to securely implement 5G, check out the National Telecommunications and Information Administration’s Secure 5G Implementation Plan.