What are the security risks inherent with 5G communications – are there specific issues installers and end users are likely to face?
A: The security issues around 5G are the same issues we face now, just turbocharged. It’s just not that 5G brings new threats – existing threats will undergo considerable lateral expansion and amplification as multi-layered network points hold hands. New threats might include virtual identity spoofing but some of the older threats are going to get much more difficult to manage. The first risk relates to the nature of the platform. 5G is lateral and supported by virtualised distributed network infrastructure which increases the area of exposure open to attackers. 5G is meant to be open in all directions, across multiple layers, for it to function at top speed.
The simplest threat is one we’re all familiar with – the more connected everything is, the more intense will be the risks from distributed denial of service attacks driven by billions of devices (21.5 billion by 2025) on IoT networks. Many IoT device employ a client-server model which has a minimum of security and is likely to be deployed by users with little knowledge of cyber security. It’s a simple equation. The more devices, the bigger and faster and more widespread the networks, the more colossal DDoS events will be. Possible security fixes include validation of devices using Blockchain authentication.
Software-defined network (SD-WAN) vulnerabilities will also be amplified by 5G as SD-WANs are increasingly used to support mobile and IoT devices. Here, the threat is vulnerabilities in the SDN layers likely to be deployed to support industrial and home automation, self-driving cars and management of consumer services. The SDN-WAN risk highlights the fact security in a 5G environment must be layered and no layer can be ignored.
Another threat will be proximity service intrusions which compromise necessarily simplified device-device communications. The idea of proximity services is a good one – data will propagate in all directions through any network point, lowering latency, maintaining bandwidth and communication speeds and allowing vital services to be supported with greater redundancy. But bringing edge devices into networks means edge devices must be secure and must be capable of managing their own security real time – that means more processing power and greater power use. There’s something else, too. If edge devices can support 5G networks in emergency situations, they will be relied on to do so – that creates risk.
Something else that needs to be covered off is the Authentication and Key Agreement (AKA), which enables 3G, 4G and 5G networks to trust each other. AKA enables a user to shift usage charges to another user. It’s possible to use AKA to find nearby phones and track them. Only an update will resolve these issues.
The key security issue and the biggest challenge with 5G is going to be formulating global security standards that are built into 5G modules and devices of all kinds – this is going to be an ongoing process and you’ll need to ensure you purchase hardware that conforms with best cybersecurity practise and then configure and manage it to the same standard.
#securityelectronicsandnetworks.com