5G is not just about doing the same things faster, but opening up entirely new applications in a wide range of industries due to 5G’s incredibly low latency, and high throughput. For example, 5G will enable fully autonomous “smart factories” that could add $1.5 trillion to $2.2 trillion annually to the global economy by 2023.
Ensuring the flawless deployment of 5G for these novel use cases is vital; it is one thing if a downloading movie malfunctions, it is another entirely for, say, remote surgery enabled by 5G. Providing industrial-grade performance everywhere, every time is a must.
One focus area in making 5G a “trusted network” is cybersecurity. Malicious actors have proliferated, and can degrade latency, or even stop service outright. This is particularly true of the most common form of cyberattack, Distributed Denial of Service (DDoS). At a high level, DDoS attacks use brute force by redirecting internet traffic in order to overload and disrupt its intended target, which could be devastating for 5G users engaged in critical applications.
On the protocol level, 5G has many improved cybersecurity features, e.g. much stronger ciphering algorithms. These give organizations the ability to encrypt data with more advanced 256-bit encryption keys, which are essential to preserving data integrity. Furthermore, consumers and organizations are better protected against man-in-the-middle attacks. Prior to 5G, when a user’s device was roaming, the home carrier network of the subscriber had to trust the visited network through which the authentication took place, a weakness the 5G protocol will fix.
However, although the protocol layer is more secure, what’s missing in the conversation about 5G and cybersecurity is how much more work must be done to secure devices and applications. The 5G ecosystem is far more diverse than previous generations, and the subsequent proliferation of 5G infrastructure provides malicious actors with a multitude of attack vectors. 5G’s security depends just as much on proper implementation, configuration and monitoring of these components as it does the protocol layer.
DDoS attacks in particular thrive on unsecure devices. In recent years, they’ve become exponentially more powerful by harnessing ‘botnets,’ a network of devices infected by malware that amplify the power of the attacking party. Currently, malicious bots are estimated to be a staggering 20% of all Internet traffic, and that may actually be an underestimate. 5G network security must protect devices from these attacks, but also identify and isolate compromised devices from launching further volleys; in other words, there must be both inbound and outbound protection.
And botnets are not the only threat. Other forms of attack like ransomware will be largely undeterred by 5G’s protocol-layer improvements, and have a feast of Internet of Things (IoT) devices available to hack. Plans are underway to harness 5G for an incredibly wide array of industries, from public safety to healthcare to transportation and beyond, requiring literally tens of billions of smart devices connected to the 5G network that could be hackable. For instance, doctors could put sensors on a patient connected to 5G from which they would transmit data for analysis and interpretation. If those devices were compromised by hackers, the patient’s data could be manipulated. Securing applications and services like these will mitigate the risk of malware, and protect the legions of 5G IoT devices.
The first step for enterprise users is education — understanding what potential threats are out there for each specific industry, configuration and application. For example, current DDoS solutions use Layer 4 information to identify and mitigate DDoS attacks. With 5G, deeper Layer 7 visibility is required to identify and isolate bad actors from taking down services. Relatedly, the second step is working with trusted partners to help customize device and application cybersecurity.
The bottom line, though, is that to ensure user safety as well as to meet Service Level Agreements, end-through-end visibility into the sea of devices and applications connected to 5G is needed for it to be a truly trusted network. We’ll explore another crucial and related focus area in Part 2.