5G is the next phase of communication, but unique cyber risks abound

With 5G network roll-out now well and truly underway and widely available to millions of individuals and households, carriers might be forgiven for thinking that all necessary cybersecurity considerations have been taken into account. After all, conceptually speaking, 5G is simply ‘the next phase’ of global communications, says John Vestberg, CEO of Clavister.

However, now more than ever is the time for organisations to take seriously the various cybersecurity risks that exist along the road to seamless and safe deployment. GSMA Intelligence projects 5G growth will reach 1.8 billion global connections by as early as 2025 and that the decommissioning of 2G and 3G systems will accelerate timelines further, so it’s crucial that those at board-level ensure networks remain secure in line with these changes.

In fact, the sheer ubiquity of the technology on the horizon surfaces its own significant cyber risks that mean leaders and policymakers will need to deploy a series of mitigation tactics to protect networks, users, and their own reputations.

Greater complexity means greater risk

The explosion in the manufacture and use of IoT and edge-connected devices will intensify the need for 5G due to the volume of data produced, but also leaves networks vulnerable to cyber-attacks across an ever-growing number of touchpoints and possible backdoors. Staggeringly, the global IoT in manufacturing market size was valued at $198.25 billion (€182.51 billion) in 2020, and is projected to reach $1,495.65 billion (€1376.88 billion) by 2030 this brings with it a huge increase in the level of complexity when it comes to protecting these devices.

In cybersecurity terms, the risks that come with this increased threat surface exist not only by virtue of this volume, but also because there is no mechanism per se embedded in many of these devices that can handle potential malicious actors. There is a real and tangible danger of backdoors if security is not embedded by default, which is very often the case when many manufacturers are still getting to grips with the technology.

This poses a significant security threat to everyday consumers, but also, crucially, to critical national infrastructure and global, geopolitical relations. As mentioned, the advent of 5G networks will mean greater virtualisation at the network core and edge in line with this trend, giving foreign threat actors a greater array of opportunity to gain access through such devices.

In fact, we saw an example in Sweden earlier this year where Stockholm’s Arlanda Airport installed screening equipment software supplied by a Chinese vendor despite clear warnings from global authorities to adopt a heightened state of awareness of possible state-sponsored cyber threats.

Guaranteeing ‘security by design’

A drastically higher degree of virtualisation and elasticity in telecoms cloud environments will require new types of cybersecurity with more flexibility and scalability to deal with the ballooning connectivity demands being imposed on businesses, operators today have no choice but to enhance their infrastructure through methods such as network virtualisation and software-defined networking.

It is therefore imperative that they also closely evaluate their existing infrastructure with this in mind to guarantee ‘security by design’. Operators need to make the decision between ‘scaling up’ by purchasing more capable hardware to cope with these demands and ‘scaling out’ by making investments in a greater quantity of lower cost hardware to spread out the load.

Crucially, this isn’t a like-for-like trade-off. New types of cybersecurity are needed that adapt to these increased capacity requirements by introducing improved flexibility and scalability without compromising on protection. Rather than simply focusing on cost optimisation, a concerted effort must be made at board-level to invest in high-quality software solutions that don’t jeopardise security for the sake of scale and low cost.

The reputational ‘double-edged sword’

On a broader note, it’s important to make the distinction between IoT manufacturing, and telecoms companies when it comes to 5G security. Network operators are in a unique reputational position from a business perspective they need to carefully balance their twin objectives of short-term growth and maximising the number of customers they serve and protecting their long-term reputations by avoiding potentially ruinous data breaches.

|For example, in March of this year telecoms giant Vodafone was forced to investigate threats from hacking group Lapsus$ that it would leak 200GB of the firm’s source code after an alleged breach.. Indeed, while operators are rightly prioritising innovation through infrastructure investment to welcome 5G and provide an improved service for customers, they must also keep security firmly in mind and exercise the right amount of caution in doing so.

This unique environment also presents a significant opportunity for MSPs who are better equipped to manage these risks to sell secure services to IoT deployments without risking overreach. However, for any business looking to safely and securely accommodate 5G networks, proper and considered education on the risks they present will be crucial to mitigating threat from malicious actors of any kind.

Could the next phase of communication signal a security turning point?

By 2027, it’s predicted that almost half (49%) of all mobile subscriptions will be 5G if this tells us anything, it’s that the technology now surely represents the next natural stage of networks for all of us. However, it’s equally clear that the technology will bring with it unique cyber risks if business leaders aren’t alive to the threats it poses.

John Vestberg

Although one of the main differences between 5G and previous generations of mobile networks is volume, senior decision makers across the telecoms space must take seriously the need to deploy flexible, scalable solutions to accommodate the demands 5G will impose on its infrastructure.

By prioritising education and ‘scaling up’ rather than ‘out’, they can guarantee security by design, protecting themselves and their customers from growing cyber threats on an individual, organisational and international level. While the increased complexity and demands of 5G (from the core of the network to the edge) undoubtedly present many risks, they should also signal a turning point and an opportunity for operators to re-evaluate their long-term security posture.

The author is John Vestberg, CEO of Clavister.

Comment on this article below or via Twitter: @VanillaPlus OR @jcvplus

RECENT ARTICLES

Connectbase expands baltic connectivity with Bitė partnership

Posted on: March 28, 2024

Connectbase has announced the addition of Bitė to its ecosystem. This partnership marks a step forward in enhancing connectivity options within the Baltic region, providing a link between local and

Read more

IOT Solutions World Congress 2024 connects semiconductor chips to industry

Posted on: March 27, 2024

Essential to manufacture computers, smartphones, cars, refrigerators or any electronic device, semiconductors are critical elements in the implementation of the Internet of Things. For this reason, IOT Solutions World Congress

Read more