How 5G introduces new security vulnerabilities

The migration to 5G is underway with more hype than any IT innovation in history (at least it feels that way). Predictions about 5G’s potential have reached fever pitch, according to Gartner, 66% of organisations already plan to deploy it by 2020.

But while this is an exciting time, how many of us really know what 5G is or what infrastructure is needed to make it a reality? Even more important, how many people and businesses are thinking about the security concerns of implementing 5G?

With low latency and higher bandwidth, 5G brings together cloud-based services, network function virtualization, IoT and Industrial IoT, and edge platforms; this raises a problem, more users and more devices mean there are more things that can go wrong.

5G deployment will require pervasive security – while mobile carriers will need to accept their role as critical infrastructure in the dynamic, volatile world of 5G IoT.

The infrastructure requirements of 5G

While concerns around more data bringing more vulnerabilities are valid, it’s far from the only hurdle; there are issues with 5G at a technology layer.

According to Bill Malik, VP of Infrastructure Strategies at Trend Micro, the advanced functions associated with 5G, particularly ultra-reliability and low latency, are going to put additional demands on an enterprise’s infrastructure.

Why 5G is the heart of Industry 4.0

We are in the middle of the fourth industrial revolution. While many business leaders are paying attention to energy consumption and automation, is 5G the true driver of Industry 4.0?

“Ultra reliability means enterprises are going to have to duplicate their infrastructure,” he said. “The only way to get a highly available system is to have a backup you can cut over to rapidly.”

With 5G, data will arrive too rapidly for most legacy applications. Many enterprise data strategies do not take the technical challenges presented 5G into account. Organisations will require an enterprise data layer – a highly distributed, always available data store that supports master and operational data to provide real-time data availability and functionality to all consumers and endpoints.

The danger of failing to update the infrastructure accordingly is heightened by the fact that we will depend on 5G more than 4G for mission-critical applications. 5G will connect applications that are critical to life and safety.

5G authentication

While 2G, 3G and 4G were designed for people, 5G is specifically designed for ‘things’. A recent Gartner report found that two-thirds of organisations are planning to deploy 5G that connects to IoT devices. As 5G becomes more widely used across smart cities, banking or as part of a nation’s critical infrastructure – information sent and received must be trustworthy.

5G might involve reviewing rules applied in filtering out malicious network traffic, as the current rules used might not recognise the subtleties of the highly customised traffic possible with 5G.

The addition of more IoT devices could also present attribution difficulties for security statistics that have been used to monitoring only human subscribers — as opposed to machine subscribers, a second subscriber type made up of IoT devices.

5G and IoT – how to deal with data expansion as you scale

Patrick Callaghan, strategic business advisor, DataStax, explains how 5G and IoT increases demand for distributed data

Threats may appear from 5G networks connecting to devices with poor or no inbuilt security. Threats may also emerge from distributed data centres, edge computing and network slicing.

Malik added also that because 5G cellular equipment is less expensive than 4G, attackers could create their own cellular towers more cheaply. Phoney cell base stations already exist, according to research from Defcon.

Furthermore, the current 5G AKA authentication standard may not be adequate, as researchers report in ‘A Formal Analysis of 5G Authentication’.

In a report, the Journals of ICT Standardization suggested enterprises take a multi-level approach to 5G security, including trust models, authentication and key agreement (AKA), and an extensible authentication protocol (EAP)-based secondary authentication, among others.

Why digital trust matters in the IoT

As IoT adoption continues to rise, business success in the world of connected devices depends on building digital trust with consumers

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics