5G Security Risks & Remediations


All the wireless network connections that take place today use 4th generation, commonly known as 4G, technology.  The first versions of this were deployed in both Oslo, Norway and Stockholm, Sweden, back in 2009.  Because of advancements in technology and the explosive demand for rapid cloud services, the need has risen for even faster wireless.

Currently, 4G LTE networks can produce download speeds of 5 to 12 Mbps and upload speeds of 2 to 5 Mbps for mobile users, while traditional router-based internet speeds knocked on the door of 100 Mbps download speeds and 25 Mbps upload speeds. This has led to the birth and adaption of 5G network, which is going to provide users with router-based connections the ability to hit speeds between 1 and 4 Gbps. Yes, we said gigabytes!  

Essentially, 5G consists of many microprocessors that transmit data packets at a very high rate of speed.  At the core of this is the radio access network (RAN).  This is connected to the many routers, hubs and switches that exist in the global network infrastructure.  It is from this point that the interconnectivity takes place, and where objects and devices can gain much quicker access to the internet than ever before.

What does this mean for you and your business? It means you are on the verge of accessing information in real-time. Lots of software programs and companies say you have real-time monitoring, which means that you can watch what’s going on or access things as soon as they become available. However, the surge in speed with 5G means that the instant the data is sent, it is readily available.

When compared to the 4G protocol, 5G is considered to be much more complex in nature and as such, is going to leave a lot of experts and businesses wondering about its full potential.  Because of this, the cybersecurity risks and concerns with 5G are only increasing. This has a cyber attacker moving from a souped-up street racing Honda Civic to a Lamborghini – and expecting the current “law enforcement” to keep up. It isn’t going to happen, and as such, steps need to be taken to ensure that security protocols can be implemented as quickly as possible to mitigate potential damage.

Assumptions and Risks Associated with 5G

It will encompass all levels of infrastructure.

Once 5G has been fully adopted, it will essentially be the main form of connectivity between all types of infrastructure, both physical and digital.  For example, all wireless devices that connect to the cloud at some point will transition over to 5G, as well as all facets of critical infrastructure.  This includes the national electrical grid, nuclear power facilities, gas and oil pipelines, water supply lines, and even major agricultural distributions. The dual nature increases the probability of leaving many covert “backdoors” open to hackers.  Once these points of entry have been penetrated, cyber attackers can launch massive disruptions or even shut down the mission critical functionalities.

There will be increased dependency upon third party suppliers.

Because there are many more components involved with 5G, the dependency on additional vendors has also expanded.  Currently, there are potential concerns with Huawei, the Chinese manufacturer that is the world’s largest supplier of the equipment necessary to efficient run a 5G wireless network. There is heavy investment being made in 5G research and development, and it can offer complete end-to-end solutions for both the wireless carriers and the telecom data centers.  Unfortunately, the United States government has expressed grave concerns over the security practices of Huawei, and the Department of Commerce currently restricts the use of Huawei-based equipment in wireless networks. 

5G is getting away from a centralized approach.

4G uses a centralized approach (also known as the “hub and spoke”), which utilizes hardware devices as the main intersection points when it comes to connecting wireless devices together and providing access to the Internet.  5G does not use this same methodology, but rather a distributed, entirely software driven approach, known as “digital routing”.  As a result, it’s more difficult to deploy and maintain the proper levels of security controls with 5G vs. 4G.

All functionalities are now virtualized.

Because of the software driven approach of 5G, all critical functionalities are now cloud based, or “virtualized”.  All types of cloud infrastructures (including those of IaaS, PaaS, and SaaS) have their own set of exclusive security risks that come with them.  This only increases the vulnerability levels of 5G, when combined with the issues of greater interconnectivity. 

There will be a greater use for Artificial Intelligence (AI).

AI is now becoming a tool of choice for automating repetitive tasks and performing other managerial functions in a software-based environment.  5G is also making use of AI in this regard.  But it is important to keep in mind that many of the AI tools that are being used are still deemed to be that of the first generation.  Although they can be advantageous, AI can also be manipulated and mis-configured by cyber attackers to serve nefarious purposes.

Bandwidth will need to expand.

5G will usher in a new era of greater bandwidth.  As a result, many metropolitan areas and smaller towns all across the United States will be deploying small cellular based antennas in order to effectively serve this purpose.  These cellular based sites will make use of what is known as “dynamic spectrum sharing”.  This breaks up the increased levels of bandwidth into slices, so that they can be used more efficiently.  Each slice that is created has the potential to bring in its own set of cybersecurity vulnerabilities, compounded by the fact that the antennas themselves can also be a source of prey for cyber attackers.

It is designed for the IoT.

The 4G was designed more for applications and to allow people to communicate seamlessly.  But 5G has been designed specifically to serve what is known as the Internet of Things, or IoT (along with serving the wireless needs of infrastructure).  This is an environment in which devices in both the physical and virtual worlds are all connected with each other.  Eventually all this interconnectivity will give rise to smart homes and even smart cities, where all tasks will eventually become automated.  While this certainly has its advantages, it has one insurmountable cybersecurity risk:  The attack surface has been greatly increased, which will prove very difficult to overcome.  Plus, it’s highly anticipated that 5G will eventually only be compatible with those devices and products that are “smart” in nature.  For example, through a “backdoor” in the 5G network, a cyber attacker can easily commandeer a smart car and cut off all communications to it, thus putting the driver and the passengers in grave danger.  Or a hacker can even gain access to a smart medical device that has been implanted into a patient, putting their life in their hands.

What’s to Come

Cybersecurity weaknesses are prevalent within the 5G network, and although it is being deployed quickly, there are still many parts of the world that have yet to implement it.  One of the common themes outlined here is interconnectivity, especially when it comes to linking all sorts of devices together, leaves many more doors open for cyberattacks.

Trying to determine solutions to alleviate these risks can be overwhelming for one individual or organization. It is important as 5G is rolled out, that you tap into resources to get the appropriate security plans in place.

Have questions or need help making a security plan? Tech Guidance gives free advice and assessments -  just submit a consultation request. 

Comment on this article