Stay informed about the acquisition of Public Interest Registry

by Ethos Capital

Home / Blogs

Will 5G Implementation Lead to an Increase in Ransomware Attacks?

Samuel Bocetta

5G has arrived and is poised to supercharge our lives with ultra-fast download speeds and better than ever connectivity.

It may not be ready to replace WiFi just yet, but AT&T has already deployed 5G networks in various cities across the US. 5G tech was the hottest commodity at CES 2019.

According to some estimates, 5G will bring $12 trillion into the global economy by 2035, connecting everything from our toasters to our pet's collars and a range of other IoT devices. Even critical infrastructure will eventually depend on 5G.

The enhanced user experience for mobile device consumers, enterprises and larger entities will (hopefully) lead to increased productivity, faster service delivery, and improved virtual networks.

However, the wonderful improvements in speed and lower latency rates will be enjoyed by literally everyone connected to a 5G network… and that includes hackers, scammers, phishers, and terrorists.

The most prominent security concerns on 5G networks

Even before we had 5G networks, the advent of 4G and the spectacular growth rate of broadband led to some of the worst data breaches and cyberattacks to date.

They included malware that could cause physical damage to equipment, such as the breach of the Office of Personnel Management, a cryptoworm that has cost the global economy billions of dollars and invasive surveillance from oppressive regimes from around the world.

Even IoT devices came under fire as a smart car's steering mechanism was taken over by hackers in the middle of a test drive and a casino saw itself being broken into after hackers gained access to its online network via an internet-connected thermometer in their aquarium.

The fact of the matter is that malware, identity theft, ransomware, cryptojacking and data breaches have become so commonplace. This can be very financially dangerous for everyday individuals when you consider that 46% of Americans lack a rainy day fund to pay for basic expenses. What happens when any of those Americans become the victim of a major data breach?

The most prominent security concerns on 5G networks

Fifth-generation or 5G networks create an expanded, multifaceted cyberattack hazard. It poses a very real threat to data security and the IoT as they are in essence, an ecosystem of ecosystems that requires redefined and more intricate safety and security measures and strategies.

We already have some of the best VPN services at hand, but despite these products and other safety advances, we need to approach 5G network security with caution and vigilance due to their potential for privacy invasions and cyber breaches.

Some of the most prominent security concerns facing larger entities, enterprises and consumers on 5G networks are:

A larger attack surface

Because 5G will enable connectivity for millions of IoT devices, there will be more entry points for cyberattacks than ever before with each new device a potential target or weapon. The attack surface is also expanding due to the expansion of IP Networks.

According to Ken Rehbehn, directing analyst, critical communications at IHS Markit, "The simpler legacy voice systems were designed without IP data protocols, as such the attack surface as a result was a much narrower interface. When we move to heterogenous IP-based networks, there are many paths through which data can travel, so the perimeter needs to be secure."

The most common cyberattacks we have today will be applied ten-fold and we need to be ready.

Cyberattacks will have bigger impacts

Individuals, larger entities and enterprises will be more dependent on their 5G networks than its forerunners. Our critical infrastructure, hospitals, air traffic and even smart cars will be totally reliant on its integrity. While our data may never be anonymous, it is important to note that one small breach can have a cascading effect on all the interconnected devices.

The same way we use software to monitor a website's performance, we will need highly specialized monitoring services that can monitor or 5G networks for any and all breaches, as the fallout from any type of cyberattack will have far more devastating consequences than ever before and can even go so far as to affect public safety.

It creates more potential for invasive spying

Any smart device with video and audio capabilities can be used by cybercriminals, manufacturers and governments to spy on its users. In fact, during 2019, CNN managed to access a variety of smart devices inside people's homes via their camera feeds by simply using a search engine to find IoT devices in Shodan.

They followed one Australian family as they went about their daily lives and watched a man in Moscow, preparing his bed without effort. It goes without saying that anyone could be compromised in a 5G world, not only individual users but also enterprises and large corporations, especially those with employees that can access databases or other work-related data via possibly unprotected devices.

Missing several security goals

Cornell University took it upon themselves to do a formal analysis of the 5G authentication protocols during 2019. Their study found that the 5G AKE protocol failed "to meet several security goals".

AKE or Authenticated Key Exchange, is the standardized security protocol in use for mobile subscriber verification. This is a very serious issue when one considers that all our calls, sms's and the relevant device's connectivity depend on the guarantees that are provided through the Authenticated Key Exchange protocols.

More harmful DDoS attacks

During a DDoS or denial-of-service attack, there is a malicious attempt to disrupt traffic flow to the targeted server by means of a flood of internet queries and traffic to the server and its infrastructure.

According to Stuart Madnick, a professor of IT at the Massachusetts Institute of Technology, "Cyber attackers could use 5G's lower latency to decrease the number of devices needed to overwhelm enterprises in DDoS attacks," confirming that, "The worst is yet to come."

Due to the increased speed of 5G networks (5G tech has reduced latency down to just 1 millisecond, whereas 4G devices have latency of around 50 milliseconds), DDoS attackers will be able to strike in more places at once and much faster, making these attacks harder to manage.

Looking to the future

Within the next two to three years, we will begin to experience a new level of speed and total interconnectivity of our favourite smart devices. The responsibility for our online security should, in reality, lie with every single player involved, but in the race for opportunity (and profit), it will probably be enforced by various technical authorities globally. The responsibility of managing our security issues may eventually end up with the user equipment (UE) OEM's due to the changes in network models.

Regardless of the technicalities, as these networks fall into place, we will come to realize that the technology is about much more than faster download speeds and better connections. 5G quite literally has the potential to transform our lives in ways we've never imagined possible. From connected devices to autonomous vehicles, smart cities and medical devices, 5G will effect and dramatically change the world as we know it.

By Samuel Bocetta, Security Analyst and Consultant
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

Whois

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias