5G icon with other virtual technology icons showing how 5G networks can change an enterprise’s security threat model

How Will 5G Change Your Enterprise Threat Model?

5G is the fifth generation of telecommunications technology used by the mobile phone cellular network. Cell devices are connected to the Internet and a communication network via a 5G radio wave signal. 5G is already being rolled out to major cities around the world and the technology is being heralded as a game-changer for the enterprise.

5G has also introduced wider bandwidth capabilities, allowing significantly higher numbers of concurrent users to download at maximum speeds. The download speeds are dependent on the network carrier, but most are expected to be about 20 Gb/s (gigabits per second), or 20,480 Mb/s (megabits per second) for download, and 10 Gb/s (gigabits per second), or 10,240 Mb/s (megabits per second) for upload.

5G technology is a big deal for data-driven technology businesses around the world. The surge in increased bandwidth will enable machine wireless communications at breakneck speeds. The technology will increase data transfer speeds and upgrade productivity and efficiency for remote devices. Rapid device-to-device connectivity will become the norm.

However, as with any new technology, security must be at the forefront of all decision making. The benefits that 5G networks will enable come with many unknown security risks. Organizations should be paying attention to this now to help protect the enterprise, guarding against potential threats and structural vulnerabilities of the 5G network. Identifying risks now will allow organizations to enumerate and mitigate security issues before the technology is embedded in everyday life.

How secure is 5G?

There is no doubt that 5G is secure. It has been designed from the ground up with security at the forefront of the creation process. 5G incorporates end-to-end encryption over the cellular network but many professionals are concerned about other, less known security concerns.

Firstly, 5G is a machine network. It is a network used by devices to communicate around the globe. Billions of data values will be communicated over the network daily, and Internet of Things (IoT) devices such as mobile phones, smart cars, and smart homes are ideal candidates for the 5G service. 5G is expected to give a major boost to the world economies, and organizations are expected to leverage IoT devices in abundance. Some forecasters are predicting as many as 125 billion connected IoT devices by 2030.

This creates a security predicament, as enterprise security teams will have a much larger digital footprint to protect. One that uses a relatively unknown consumable technology. Early IoT devices worked on trust relationships for security, but big questions have been asked about the long term security of IoT devices.

With such a large digital footprint, the probability of a hacker exploiting some form of vulnerability is substantial. With the speed of the 5G network, the hacker could have all your confidential information off of the device in a matter of seconds. Enterprise threat models must be updated to increase visibility and security awareness, and prioritize security control of endpoints.

Distributed digital networks

5G networks have been designed for industrial applications, business-critical applications, as well as enhancing social applications. The 5G network will rely heavily on edge network computing for cache and storage. This will raise questions about compliance and regulatory rules on data privacy and data location.

When data traverses the 5G network, software-defined routing is used on new, existing mobile, and physical mobile networks. Data is spread out between more than one network, resulting in rapid exchanges of data from different sources to each endpoint. This design initiative replaces traditional network routing from a single source to a single endpoint.

As a result, this type of network routing reduces the number of hardware choke points. These locations have typically been used from traffic analysis, security monitoring, and implementing security controls, but on 5G the entire network design is fundamentally different.

Virtualization

The 5G network has modernized away from physical network appliances to virtualized higher-level network functions. This can create potential vulnerability as standardized IP protocols are used on well-known operating systems.

Although difficult, and dependent on these devices not being maintained to a high security standard, many vulnerabilities may exist which may be easily exploitable by hacking communities. It is not uncommon for early releases of new technology to be inherently vulnerable. If you consider how operating systems and appliances evolve over time, huge numbers of exploits are “patched” over a product’s lifetime.

Other cybersecurity vulnerabilities

As 5G technology is still in its infancy, and the technology varies from country to country, it’s difficult to predict how secure the technology will be. The U.S. government has directly raised concerns over using Huawei 5G technology, due to concerns over potential unauthorized surveillance and the possibility that snoopers can gather metadata on endpoints.

Identifying the #security risks of #5G networks now will allow organizations to mitigate them before the technology is embedded in everyday life. #respectdata Click to Tweet

Metadata alone can be used to create mobile network mapping (MNmap) information to identify multiple user locations. This information can then be used to implement denial of service attacks. Bidding down attacks can be launched to downgrade the data rate of the 5G network. Battery drain attacks can kill IoT devices in very little time.

 

President and CEO at Atlantic.Net