The proliferation of network use cases of 5G is one of the factors increasing the security risk. Source.
5G is a Double-Edged Sword
Security is central to stability and sustainability. Telcos offering 5G know they’re in for the long haul, so they must plan to make the technology stable and sustainable. Scandals and mass data breaches are very bad for business, and with some forethought the worst can hopefully be avoided.
Stakeholders are hoping 5G will help plug the security gaps that plagued the previous generations. However, while 5G addresses the security flaws of the previous networks, its next-gen capabilities also come with security problems of their own. “5G implies faster speeds for good guys and for bad guys,” cautions Galina Datskovsky, CEO of Vaporstream, a Chicago-based secure messaging platform. 5G takes connectivity to new dimensions, supporting connected devices across individual, corporate, and state levels. With 5G, “there’s a whole series of related technologies happening all at once,” notes Mark Foster, senior vice president, IBM services and global business services. “Each has their own risks with regard to security, privacy and how they operate. In the end, it’s about the ethical operation of all this stuff.”
The pillars of 5G security. Source.
In recent years, the tech world has been shaken by a series of massive security breaches and data privacy scandals which have made consumers more aware and protective of their digital identities. In recent research conducted globally by IBM, 81% of consumers reported that their concerns for how companies use their data have grown massively over the past year. 75% say they’re now more reluctant to give out their personal information to companies.
5G’s major security win is its much tighter anti-tracking and spoofing systems that makes it more difficult for threat actors and unethical companies to track and interfere with user data. Encryption is much more widespread in 5G through IMSI or unique user identifier system. This leaves fewer data points in data streams exposed to interceptions.
5G also enhances the visibility of networks thanks to its software and cloud-based operations. The cloud-based system also allows for the segmentation of networks (network slicing) into multiple virtual networks that each work with a decentralised, customised security protocol. Compared to the hardware-based operations of previous generations of network, the software-based operations make it much easier to remove, replace, and upgrade network components on the fly.
“5G has really good promise for security, encrypting identifiers is a really good thing, and network slicing is a network paradigm shift,” notes Ravishankar Borgaonkar, a research scientist at SINTEF Digital, a Norwegian tech analysis firm. But in the same breath, he also argues that “there are still other ways that users can be tracked and there are questions about how to guarantee the trustworthiness of the [5G] software. So there’s always room for improvement.”
Karsten Nohl, founder of the security research firm SRLabs was even more direct with the scrutiny of 5G security gaps, stating that “5G is a big step forward on several fronts, but won’t actually provide a full security upgrade until we see pure 5G networks with no legacy tech—so not for another 10 years or more.”
Accessing the Security Risks of 5G
As it turns out, you don’t need to be tech-savvy to understand the biggest security risks facing 5G. The implementation of the standards of a connectivity network has never been uniform across the board, from the first wireless technology to the fourth. Some carriers make mistakes, and others try to cut corners. And most customers can’t tell when a company’s security features fall short of standards, so they’re exposed to vulnerabilities without knowing.
“Many operators (of the previous network generations) were not implementing certain recommended protocols at all, because it was costly,” Borgaonkar revealed. “We have seen that operators aren’t always implementing features, even when a standard calls them mandatory, and that’s where the problem lies usually in mobile networks. The same thing will come up in 5G as well. It really comes down to government regulations or another authority to enforce it.”
Among some of the security risks that carriers need to guard against include those of the interoperation between 5G and the older networks which are still prone to certain security gaps that 5G has addressed, and the leakage of remnants of data that have not been encrypted.
Keeping 5G Safe
As these factors play out, it appears consumers will be left with two choices – either sharing their data with cautious optimism, or withholding it and forgoing the benefits of the next-generation connectivity experience. But as time goes on, it appears that won’t be a hard choice for consumers to make. Marc Rotenberg, president of the Electronic Privacy Information notes that as the network is rolled out, “governments will need to test these systems carefully before they are deployed and end-to-end encryption for network traffic should be a priority.”
With advanced technology come unanticipated security flaws. With 5G already starting to roll out, developers need to make sure no corners are cut, and consumers need to make sure they are investing in products and services that have the same commitment to their data safety that they do.