5G is the next quantum leap in mobile and wireless communication, providing unprecedented speed, capacity, and capabilities. In the 5G world, networks will serve trillions of connected things, and each person will be supported by hundreds of connected devices.
In addition to these opportunities, the combination of new capabilities and virtualisation in 5G introduces new threats. 5G has significantly more network end-points that cyber criminals can exploit, and 5G virtualisation means that the entire connection is based on software, which is inherently hackable.
Transforming society by reconceptualising the “network”
Understanding where the vulnerabilities exist is a critical first step toward protecting 5G networks from cyber threats.
This entails implementing a process that involves identifying, profiling, and assessing the health of each component before allowing it to connect to the network, and, if necessary, restricting access to the 5G service based on this assessment. It's known as a zero-trust approach, and it will assist organizations throughout the 5G ecosystem in striking the right balance between business risk and 5G security.
5G Expands Cyber Risks
The network is transitioning away from centralized, hardware-based switching and toward distributed, software-defined digital routing. However, in the 5G software defined network, that activity is pushed outward to a web of digital routers spread throughout the network, removing the possibility of chokepoint inspection and control.
5G adds to its cyber vulnerability by virtualizing higher-level network functions previously performed by physical appliances in software. These activities are based on the Internet Protocol common language and well-known operating systems.
Even if it were possible to secure the network's software vulnerabilities, the network is also managed by software—often early generation artificial intelligence—that is vulnerable.
The dramatic increase in bandwidth that enables 5G opens up new attack vectors. Low-cost, short-range small-cell antennas deployed throughout urban areas become new physical hard targets.
Finally, there is the vulnerability created by connecting tens of billions of hackable smart devices (actually, small computers) to the Internet of Things network. Plans are in the works for a diverse and seemingly endless list of IoT-enabled activities, ranging from public safety to battlefield to medical to transportation—all of which are both wonderful and uniquely vulnerable.
In this paper, we argue that a zero-trust approach, combined with company leaders focusing on three key pillars—trust, resilience, and enablement—will form the foundation of a sound cyber strategy, allowing companies to roll out 5G quickly and safely.