5G is peanut butter, unless…

VoicenData Bureau

Every good thing has a hidden side, one that surfaces slowly and, often, when you least expect it. Be cautious when pushing the button on your big 5G project.

By Pratima Harigunani

The funny thing about allergies is that you have to go through that swollen lip or the nasty itch before you discover – Ha! That’s one thing I cannot enjoy.

So when something totally mint-fresh hits the grocery stores or IT shelves, this thought never pops into your mind, unless you are a hypochondriac or a consistent allergy-sufferer. How in the world are you to know if the new super-food that is making so much Instagram buzz out there is going to hit you with a teary eye? How in the world would you know if the amazing next big thing called 5G can hit you with a security mishap!

Bite 5G with care

If you ask Sophos Senior Vice President Sales for APJ Gavin Struthers about the vulnerabilities that may arise from a cybersecurity perspective when one thinks of 5G networks, he will not mince words and tell you that “Similar to 3G and 4G, a lack of visibility with 5G may be an issue, owing to its speed and potential to move exponentially more data, with connectivity that will surpass current broadband, visibility will be a bigger issue than ever before.”

Struthers explains that, at best, we’ll be able to see whether a device is using a 5G radio, in a 5G environment. “However, there will not be any visibility into what’s actually being transmitted over that radio, making it challenging to spot suspicious activity. We will be able to monitor 5G radio activity with a spectrometer, for example, but we won’t be able to distinguish between good versus malicious 5G activity, since we simply will not be able to see what is included in that communication path.”

That is not a small question to ponder. The scale of this invisibility zone can be quite consequential as we watch 5G take deeper and deeper root. As per a recent Ericsson Mobility Report, four out of every ten mobile subscriptions in 2026 will be 5G. The current 5G uptake in subscriptions and population coverage confirms that the technology is being deployed at the fastest rate of any generation of mobile connectivity.

In fact, by the end of 2020, more than one billion people will have access to 5G coverage globally. The report also forecasts 3.5 billion 5G subscriptions by the end of 2026, estimated to account for more than 50% of mobile data traffic at that time. If we look at India, 5G subscriptions are slated to surpass 350 million, accounting for 27% of all mobile subscriptions in 2026. However, when you look at how the 5G phenomenon translates for enterprises, the story is extra-large and extra-serious.

The Ericsson Mobility Report also indicates that critical IoT, intended for time-critical applications that demand data delivery within a specified time duration, will be introduced in 5G networks. This will enable a wide range of time-critical services for consumers, enterprises, and public institutions across various sectors, with 5G public and dedicated networks. Similarly, fixed wireless access (FWA) connections are forecast to grow more than threefold and reach more than 180 million by the end of 2026, making up about a quarter of total mobile network data traffic.

As Ericsson’s Market Area South East Asia, Oceania and India Head of Network Solutions Nitin Bansal pointed out in a recent report briefing, “5G has the potential to transform industries and society at large – with use cases such as smart manufacturing, smart cities, and advanced healthcare applications, just to mention a few.

As the technology proliferates, early movers stand to benefit by gaining the right experience and creating new use cases of relevance to their business. The companies and countries taking an active role in shaping and securing the 5G ecosystem in the early years have great potential to lead use case scaling once the market takes off.”

That means a lot of gains would be lying in the front row of this technology-adoption. But the first ones to arrive are also the ones to take the arrows. Can enterprises find a good trade-off between an early-mover’s risk and early-mover’s gain?

The security risk is especially high with unmanaged devices, since hackers may be able to exfiltrate data undetected. But there are still challenges involved with managed devices too. Hackers may not be able to go completely undetected throughout the attack, but they could still use the 5G backchannel to exfiltrate data. Regardless, it’s nearly impossible to manage the risks if you don’t know what exists and what’s happening within your environment, which is why the lack of visibility within 5G environments will be a meaningful problem, Struthers cautions.

Another report, this one from Research and Markets, also underlines that 5G presents more security risks, as criminals may be able to exploit flaws in the 5G network, such as virtualization vulnerability. “As 5G connects numerous devices, from conventional devices used in enterprises to IoT devices used in OT and commercial environments, the potential attack surface expands. Compromised IoT-based DDoS attacks and other attacks that exploit endpoint/device application vulnerabilities are expected to increase.”

Yes, a key part of the 5G surface is the proliferation of IoT and sensors empowered by the new technology. Also, a lot of the enterprise-intelligence will move towards the edge as 5G makes more and more room for low-latency applications. This is where cyberattacks will turn nastier because they can be intelligent, automated, and defense-aware – all the while tapping into a big playground that is under the radar for most control rooms.

5G adoption will also be gravitating to mission-critical systems so the lure of cyber-espionage and handicap-them attacks would be all the stronger. These attackers can also exploit M2M devices, IoT points, and edge spots as their own weapons by using adversarial AI and weaponisation.

In fact, the Unit 42 2020 IoT Threat Report points out that almost 98% of all IoT traffic is unencrypted, with heightened exposure of personal and confidential data on the network, while as much as 57% of IoT devices are vulnerable to medium- or high-severity attacks. “We found that the general security posture of IoT devices is declining, leaving organizations vulnerable to new IoT-targeted malware as well as older attack techniques that IT teams have long forgotten,” the report says.

Can you pop some pills?

What’s the solution to the threat aspect of 5G then, if any? Organizations may require IoT devices in the environment to be connected to the corporate Wi-Fi, to gain visibility into traffic and to notice anomalous communications. Struthers suggests that if you can put an agent on manageable devices, you’d be able to identify that something unmanaged is talking over the 5G radio. “However, this does not imply that you will be able to decipher what that device is actually saying, making it incredibly difficult to spot attacks while they’re occurring.”

Basically, businesses and network operators will adopt a shared security model, similar to public cloud security – as the Research and Markets report surmised. “DDoS protection is likely to become the most important component of 5G security, as the number of devices connecting to a network grows each day.

As these devices are often vulnerable to exploitative attacks, organizations will have to invest more in vulnerability management capabilities to prevent volumetric DDoS attacks. A conventional security approach may not offer adequate protection when bandwidth usage increases.” It is time to seek scalable and automated security solutions – maybe, with AI-/ML-powered threat detection-and-response capabilities.

All said, businesses shouldn’t avoid using devices with 5G just because there are potential security risks. Instead, they need to understand that 5G will soon become inevitable in the business environment and therefore the best thing to do is take the necessary precautions to secure the corporate infrastructure, opines Struthers.

The arrival of 5G will highlight the need for protection at every layer of the environment, and businesses will benefit from taking advanced precautionary measures. “5G will be another exciting disruptive and enabling technology. It will be your friend but be clear on making that friendship does not disappoint by implementing a pragmatic risk approach to its implementation in your environment.”

Perhaps, he is saying – do not be paranoid but be aware when something swells up at the wrong place. When you dig into something new, be ready for everything – warts and all!

The 5G security impact

Most devices in enterprise environments don’t have 4G chips in them, since 4G isn’t significantly faster than Wi-Fi. 5G technology, however, will improve on its predecessors with faster speeds, higher bandwidth, and lower latency, which will likely make it more common than 4G ever was.

  • While the faster speeds definitely have their advantages for users, they also bring disadvantages, since hackers will be able to exploit that speed. For example, because of the lack of visibility, an attacker covertly gains access to a photocopy machine that has a 5G radio and, as a result, can access all the sensitive information on the machine.
  • Helped by the bandwidth and speed of 5G, the attacker then quickly exfiltrates all that data – without raising a single red flag. If and when the compromise is identified, it’s too late.
  • Another unfortunate, but very real truth that organizations need to face is the possibility of there being an advanced attacker in their network, who is already looking for additional ways to reap more financial rewards.
  • 5G doesn’t require hackers to be more skilled, since they can use the same attack methods to enter the network. But 5G does provide an opportunity to do much more damage, since they can exfiltrate massive amounts of data a lot faster than ever before.

Fighting 5G security threats

  • Lock the backdoor: 5G can create a backdoor to your network. Think about network segmentation – what is permitted in the environment – and plan for an internet-facing IT infrastructure. Make sure there is visibility into everything. This doesn’t mean everything needs to be tightly managed; rather, you need visibility so that it can be managed as much as necessary.
  • Trust No One: Use a zero-trust approach and insist on no-exceptions visibility.
  • Use Tailors: Adopt tactics and solutions that work for 5G-spots – like dynamic threat correlation, threat lifecycle management, customizable access, and privilege management.
  • Know what is on the network: Discover unmanaged devices in the environment. This may be a challenge if they’re only communicating through 5G, but if they’re also on Wi-Fi, they can be discoverable through network scans. Unmanaged devices can also be discovered through an EDR product, which observes all network connections to and from managed devices. Doing a query to find all communications to and from an unmanaged IP or MAC address could provide that discovery.
  • Get the basics right: Good old-fashioned encryption and access controls provide a good level of security for data and access to it.
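
The EDR-style query from the "Know what is on the network" point, sketched as an added example (not from the article or any EDR product): it compares the peers that managed hosts report talking to against the asset inventory. The record fields, inventory list, subnet and sample events are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data for illustration; not taken from the article.
INVENTORY_MACS = ["00:11:22:AA:BB:01", "00-11-22-aa-bb-02", "00:11:22:aa:bb:03"]
INTERNAL_NETS = ["10.20.0.0/16"]
EVENTS = [  # one record per connection reported by an agent on a managed host
    {"reporter": "laptop-01", "peer_ip": "10.20.5.10", "peer_mac": "00:11:22:aa:bb:03", "bytes": 12000},
    {"reporter": "laptop-01", "peer_ip": "10.20.7.44", "peer_mac": "DE:AD:BE:EF:00:07", "bytes": 300},
    {"reporter": "laptop-02", "peer_ip": "10.20.7.44", "peer_mac": "de-ad-be-ef-00-07", "bytes": 4500},
    {"reporter": "laptop-02", "peer_ip": "203.0.113.9", "peer_mac": None, "bytes": 900},
    {"reporter": "laptop-02", "peer_ip": "10.20.9.3", "peer_mac": None, "bytes": 50},
]

def norm_mac(mac):
    """Return a lower-case colon-separated MAC, or None if it is not 12 hex digits."""
    digits = "".join(c for c in (mac or "").lower() if c in "0123456789abcdef")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)) if len(digits) == 12 else None

def find_unmanaged_peers(events, inventory_macs, internal_nets):
    """Internal peers that managed hosts talked to but the inventory does not know."""
    known = {norm_mac(m) for m in inventory_macs} - {None}
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    found = defaultdict(lambda: {"ips": set(), "seen_by": set(), "bytes": 0})
    for ev in events:
        ip = ipaddress.ip_address(ev["peer_ip"])
        if not any(ip in net for net in nets):
            continue  # internet destinations are not on-premises devices
        mac = norm_mac(ev.get("peer_mac"))
        if mac in known:
            continue  # peer is a managed asset
        # Routed peers carry no MAC; key them by IP and resolve them separately.
        rec = found[mac or f"ip:{ip}"]
        rec["ips"].add(str(ip))
        rec["seen_by"].add(ev["reporter"])
        rec["bytes"] += ev["bytes"]
    return dict(found)

if __name__ == "__main__":
    for peer, rec in find_unmanaged_peers(EVENTS, INVENTORY_MACS, INTERNAL_NETS).items():
        print(peer, sorted(rec["ips"]), sorted(rec["seen_by"]), rec["bytes"])
```

A device that communicates only over its 5G radio never shows up in this telemetry; the check surfaces unmanaged devices that also touch the LAN or Wi-Fi, which is the limit the bullet above describes.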