As 5G technology is implemented in 2020, both consumers and businesses will experience higher speeds to obtain data - expected speeds are 100 times faster than the current 4G technology.
While 5G’s data speed could easily rival those of high-speed Wi-Fi, which is a boon to users who will not face downtime or interruptions, but could give cybersecurity criminals the upper hand.
5G is the next generation cellular network that will offer faster data speeds, less latency (lag time) and less interruption, said Karim Hijazi, CEO of Prevailion, a cyber intelligence company headquartered in Columbia, Maryland.
The biggest issue with 5G is that it will allow many more devices to be connected to the internet.
“To put this in perspective, imagine a large castle that suddenly installs hundreds or thousands of new windows and doors and that most of them either have faulty locks or simply no locks at all,” said Alex Hamerstone, GRC practice lead at TrustedSec, a cybersecurity and white hat hacking company based in Strongsville, Ohio.
“5G is an exciting technology and will do a lot of great things, but it will also significantly expand the digital risks for both companies and individuals," Hamerstone said.
How 5G Works and Its Impact on the Future
The biggest impact of 5G will be to the ‘Internet of Things,’ as it will make these devices much easier for businesses and consumers to deploy, Hijazi said.
“What 5G ultimately means is an explosion of ‘connected’ devices, which will impact pretty much every industry you can think of and will also eventually become ubiquitous in households,” he said. “This technology will also enable smarter transportation, such as over-the-air software updates to vehicle systems, self-driving vehicles, smart traffic systems and more. 5G is setting the stage for a major change in our daily lives, as smart devices will eventually become part of almost everything we do.”
While faster speeds means fewer interruptions and downtime, consumers should be aware that it could result in more data breaches across all industries because “it will spur the widespread use of IoT [Internet of Things] and IoT devices, most of which are insecure due to software and firmware vulnerabilities,” he said.
Although the 5G technology itself won’t necessarily increase the risk of hacking, but it is crucial that this next-gen system is set up properly, tested and has robust authentication measures in place.
“The real concern with 5G is with this secondary effect from the expected boon in IoT devices — which will create a massive new attack surface for criminals and nation-states,” Hijazi said.
Security of 5G
As 5G technology is rolled out in 2020, businesses and individuals should take the time to revisit their security posture since this new wireless communications technology opens up the attack surface in great and more unexpected ways, said Rui Lopes, engineering and technical support director at Panda Security, a provider of IT security solutions in Burlington, Massachusetts.
While the security for 5G has improved compared to 4G technology in some ways, new vulnerabilities are being discovered nearly daily. Since this new technology is based on a massive network of small, relatively short-distance antennas, it is easy for a hacker to “spoof a rogue antenna, similar to a stingray approach and flood a network with denial-of-service attacks, deploy surveillance or even spread disinformation,” Lopes said.
The technology will increase the possibilities for cyber criminals to inject malware or seize control of a device or network.
“Unless businesses have complete visibility and control of their network activity through advanced endpoint protection in concert with threat-hunting capabilities, hackers will have many doors to walk through into the network, instead of just a few,” Lopes said.
While it is unclear currently whether 5G will create new opportunities or increase the threat from attacks that use mobile networks, these networks are not secure by nature, said Alex Guirakhoo, strategy and research analyst at Digital Shadows, a provider of digital risk protection solutions in San Francisco.
Since the speed of 5G is extremely fast, if a hacker was able to access a system, both the volume of data and speed at which it could be attacked will increase, he said.
As more consumers gain access to 5G, the connectivity from their phone will be superior to their office’s internet connection, said Aaron Cockerill, chief strategy officer at Lookout, a provider of mobile phishing solutions in San Francisco.
A greater number of employees will prefer to use their own connection than the slower and more restricted WiFi typically provided at companies.
Operating outside the traditional corporate security perimeter means there will be more serious security implications. Employees will be using their personal smartphone, bypassing all the security that companies have implemented to protect their users, such as firewalls and secure web gateways to block phishing and malicious sites, he said.
Solutions to 5G Hacking
Not only does 5G increase the ability of hackers to attack businesses because of its speed, reliability and mobility, hackers will have access to data pipelines that are “less traceable than traditional wired or registered ISP locations to execute attacks from,” said Thomas Hatch, CTO and co-founder at SaltStack, a provider of intelligent IT automation software in Lehi, Utah.
The result is that it can make finding the hackers more difficult and a larger data breach could occur, he said.
The advent of 5G will increase consumers’ risks of personal information theft, fraud and invasion of privacy, said Hijazi.
A data breach could be more harmful since smartphones and other devices will collect more personal information that could be highly sensitive nature, such as health data, physical location, daily travel and other routines.
“Any data breach of these devices could be far more harmful to the consumer,” Hijazi said. “We have already seen instances of ex-husbands and ex-boyfriends regaining access to smart home systems in order to harass and terrorize their ex-partners. We've seen countless examples of connected baby cams that are hijacked by remote hackers, as well as the more recent incident with Amazon’s Ring camera.”
Consumers should be aware that the possibilities for remote hacking and harassment are nearly endless, as any insecure connected device could be an easy target, from smart light bulbs and door locks to washing machines.
“Consumers will also be increasingly vulnerable to ransomware and other types of extortion,” Hijazi said. “If cyber criminals are able to gain access to sensitive information, such as personal health, sexual activity or real-time location data, they could leverage that for blackmail and harassment.”
Businesses remain extremely vulnerable to malware, despite the past decade of record-setting data breaches and hacks, ranging from Target (TGT) - Get Report and Equifax (EFX) - Get Report to U.S. elections.
“Yet companies still find themselves unprepared for even basic attacks,” he said. “Building more rigorous security into these devices is going to take a great deal of pressure from the public sector.”
Consumers should change any current passwords to stronger unique passwords that will be tougher to crack, set up multi-factor authentication, keep the devices updated and stick to well-known product manufacturers, said Hijazi.
“None of these steps will matter if the device itself is insecure,” he said. “It is important for people to realize that there is no such thing as a completely safe connected device. Anything that connects to the internet, whether it’s through a cellular signal or WiFi, can be hacked, so think about the types of IoT devices you allow into your home and what you use them for.”
Businesses will face more blindspots which attackers could use to hack into a larger company, Hamerstone said. This means data breaches could become even harder for large corporations to detect and as a result, hackers will have more time to steal information and compromise systems.
Healthcare and transportation will also be greatly affected by 5G because the connectivity will allow remote surgeries to take place and enable a more sophisticated range of medical devices and implants, but all of them are vulnerable and potential points of attack, he said.
Building systems are also becoming increasingly high tech with remote control functions and this creates new dangers since hackers are able to take over key building functions like elevators, A/C control, lighting and security alarms, Hamerstone said.