/////////////////////////////////////////////////////////////////////////
FEATURE: MOBILE TECHNOLOGY
The reality is that many of the security risks
associated with 5G infrastructure can be
avoided in the early stages of development.
Often in the early stages of implementation,
operators do not pay nearly enough
attention to intergeneration security and it
becomes an afterthought – when flaws may
have already been built in. This approach
makes financial sense in the short term, but
further down the line, vendors will be forced
into remedial security measures as issues
arise. This will put a squeeze on budgets
which have failed to factor in the potentially
enormous cost of later-stage security.
Dmitry Kurbatov,
CTO at Positive
Technologies
bandwidth speeds to the point where this
would take just 21 seconds. As exciting as
this sounds – with great power comes great
responsibility. As operators deploy to keep
pace with evolving customer expectations of
being ‘always on’ and ‘always connected’,
it also becomes a prime target for
cybercriminals to wreak havoc.
One of the major cybersecurity risks is
that 5G is not entirely replacing previous
networks. The reality is that 5G networks are
still reliant on a pre-existing 4G (LTE) core,
which means that any new networks will
have the same security flaws from day one.
Vendors’ priorities need to fundamentally
change when it comes to launching their
5G networks. Despite their best intentions
to have secure networks, the residual flaws
of previous generations will be a consistent
thorn in the side of operators.
Our recent security audit found that every
4G network is open to exploitation
by hackers seeking to commit crimes,
such as denial of service (DoS) attacks
and tracking the location of a user, with
one in three at risk of fraud attacks on the
operators themselves.
Another issue which is growing in regard to
5G is that it will penetrate so many aspects
of daily life – whether it be healthcare,
transport or any number of other industries
– and with the rise of IoT, the threat
landscape has become more connected and
complex. With an estimated 20 billion of
these devices in use by 2020, new threats
www.intelligentcio.com
emerge every day, but for operators to
have a chance they will need to adapt to a
much broader range of devices and develop
specific threat models tailored to them.
Our researchers found that the number of
malware campaigns targeting IoT devices
grew by an incredible 50% over the last
year, during which time we identified more
than 1,100,000 vulnerable devices.
The main vulnerability IoT presents is the
opportunity for cybercriminals to use botnets
to orchestrate scalable malware infections in
poorly protected devices. The potential for
disruption is massive – Mirai malware was
used in October 2016 to devastating effect
through a coordinated DoS infection of IoT
devices and resulted in many high-profile
websites becoming temporarily inaccessible
such as Amazon, Netflix and Airbnb. The
next threat like this is around the corner
and as the number of IoT devices increases
exponentially, so too does the level of
potential disruption.
Quick-fix patches are not the answer and
real consideration needs to be made about
integrating solutions effectively into the
network architecture. This is a frequent
issue with 5G networks – experts have
found that one out of every three attacks
on 5G infrastructure succeeds because of
the incorrect configuration of equipment.
It is clear that the most successful security
measures are those which implemented
as early as possible in the development
of a network.
However, as it currently stands, operators
remain focused on speed and innovation,
with security at the back of the queue.
Operators need to take a ground-up
approach – focusing less on the bells and
whistles of 5G and more on the nuts and
bolts of its security from day one. This
will not only save on costs further down
the line but provide an additional selling
point: as more money is pumped into 5G
development, robust security strategies will
increasingly be of value as insurance against
growing threats. When effective security is
finally in place, we can begin to think about
all the ways in which 5G can positively
transform our lives. n
OPERATORS NEED TO TAKE A GROUND-
UP APPROACH – FOCUSING LESS ON
THE BELLS AND WHISTLES OF 5G AND
MORE ON THE NUTS AND BOLTS OF ITS
SECURITY FROM DAY ONE.
INTELLIGENTCIO
57