6.9 min to readDigital WorkplaceThought Leadership

5G and cyber security: all you need to know

Ravi Bindra
Ravi BindraCISO
A woman's finger is pointing at a colorful screen.

5G, the fifth generation of mobile networks, will change the way people work. 5G offers faster network speeds, more bandwidth, and higher device density – and with this in mind, companies are gearing up for the future of networking.

According to research from JP Morgan, 5G can enable speeds that are 3-5 times faster than 4G networks. So, it’s no wonder opportunities enabled by 5G is expected to be worth more than $700 billion, with the primary beneficiaries being in key verticals like healthcare, manufacturing, and energy.

However, while these important industries will benefit massively from 5G, they will need to take special care to ensure their network stays secure. For that reason, companies looking to use 5G networks need to acknowledge cyber security risks inherent in 5G and find risk mitigation strategies before they begin deploying this exciting new technology.

What is 5G – and how does it work?

Every wireless cellular communication uses radio frequencies to transmit data. While WiFi uses an unlicensed spectrum, mobile uses a licensed spectrum. This means that mobile providers could only use the radio wave spectrum that they purchased.

Across the radio wave spectrum, different frequencies carry information at various volumes and rates. 5G technology incorporates additional bands, or frequencies, that had not been available for purchase and licensing before. It also uses high-, medium-, or low-bands.

Where earlier generations of networks gave all customers - enterprise and consumer - the same service, 5G incorporates network sizzling. This means that companies have a way to route different types of traffic across various bands, optimizing speed, latency, reliability, and security based on business needs.

The possibilities and benefits of 5G

Understanding the benefits associated with 5G technology gives companies the ability to make informed decisions around transforming their networks. As the future of work increasingly focuses on mobile devices, 5G offers many benefits to enterprises.

Download speed

Download speed is one indicator of network speed, focusing on how quickly images or files get to a device. To get the best speed capabilities, 5G networks that use millimeter-wave (mmWave) technology can leverage the high end of the wireless spectrum. While these might be less reliable over long distances, they come with download speeds anywhere between 1 and 10 gigabytes per second (Gbps). Meanwhile, 4G speeds typically fall in the range of 12-40 megabytes per second (Mbps).

Latency

Latency, another network speed indicator, focuses on how much time it takes to send a request and receive a response. For the enterprise, this means the amount of time that it takes for a mobile device to send a request to an application and receive a response. Where 4G networks have latency of 30 milliseconds (ms) to 70ms, 5G networks generally fall in the 5ms to 20ms range.

If a network is high latency, it can undermine the high download speeds. When the request takes a long time to travel from device to source, then back to device, it no longer matters how fast the download speeds are.

Device density

As companies adopt more IoT devices, device density becomes increasingly important to productivity and efficiency. Device density refers to the number of connected devices per square kilometer that a network can handle at once. A 4G network can handle an average of 100,000 devices in a square kilometer, including smartphones, vehicles, Industrial IoT (IIoT), and critical infrastructure sensors.

Meanwhile, a 5G network can manage up to 1 million devices at the same time. From an enterprise perspective, this helps to ensure that a wide array of IoT devices connected in a given geographic area will not impact the devices’ connectivity.

Security

A central built-in security feature for 5G is the same network slicing that enables enhanced traffic routing. Since 5G can separate consumer and enterprise network traffic, it enables wireless network segmentation based on use and component.

Additionally, when compared to previous generations, 5G also adds enhanced encryption capabilities and identity security. While it uses most of the same encryption features as the 4G system, it also adds some additional capabilities like basing key derivation on the HMAC-SHA-256, an encryption methodology for enhanced message integrity and authenticity.

What are the cyber security risks of 5G?

For every positive business outcome that 5G brings, it also has an equal and opposite cyber security risk. Here are a few known risks:

IoT exposure

Companies need to adopt IoT devices as part of their business strategies, but they come with inherent security vulnerabilities, like mis-configurations and lack of standardized security practices. The same 5G high-speed, low-latency connections that provide value for the enterprise also give cyber-criminals a way to rapidly execute network attacks.

Some examples of attacks that leverage insecure IoT devices include:

  • Botnets
  • Distributed denial of service (DDoS)
  • Man-in-the-middle
  • Call interception and location tracking

Compromised network slice

Network slicing helps enable security, but its complexity can lead to insecure implementations. Currently, network administrators are on their own trying to implement these new networking architectures.

Without standards or guides, network administrators may not be able to build the appropriate security into their implementations, accidentally giving cyber-criminals a way to gain unauthorized access to the network slice. For example, cyber-criminals can compromise the network by leveraging this attack vector then use it as a steppingstone to data breaches or DDoS attacks.

Stretched security monitoring resources

As 5G expands the number of devices that can connect to networks, it increases the amount of security resources needed to monitor these new access points. Adding more IoT devices to the organization’s infrastructure enables productivity and efficiency, but every device needs to be monitored continuously.

Security Operations Centers (SOCs) need to monitor potential risks arising from these new endpoints. Traditional methodologies for monitoring endpoint and network security may not work for these new high-volume and high-speed 5G networks.

The future of 5G and cyber security

To stay competitive, companies need to embrace 5G technologies, but they need to approach them with caution, asking the right questions to ensure that they protect data. While a company is ultimately responsible for its own data security, it should consider the 5G network provider’s ability to ensure appropriate protection.

The future of 5G cyber security starts with technology and end users. As organizations adopt 5G, they need to make sure that they understand how:

  • Network providers work with cyber security vendors for enhanced encryption and network monitoring
  • IoT device manufacturers establish and enforce security across their products
  • End-users are educated around smart devices that can compromise security

How to prepare for a secure 5G implementation

As a company looks to implement its 5G strategies, it needs to create a robust plan. Here are three key steps to consider:

1. Start early

The increased number of access points might require an entirely new network architecture. Organizations need to undertake vulnerability assessments to determine their current security posture then make sure to eliminate these risks during their 5G implementation.

2. Enhance monitoring, detection, and response capabilities

Monitoring to detect new threats and respond to them effectively will be fundamental to ensuring continued security. Managed Detection and Response (MDR) providers offer the SOC capabilities necessary to reduce risks associated with how quickly cyber criminals can deploy attacks across 5G networks.

3. Seek out AI/ML capabilities

Organizations must leverage technologies that meet the dynamic needs of 5G networks. With AI/ML powered security solutions, companies implementing 5G networks add appropriate self-learning technologies that can more effectively respond to evolving risks.

Key takeaways for business and IT professionals

5G is the future of business. Leveraging its speed and reliability enhances employee productivity and customer experiences. However, while 5G networks offer some built-in security, organizations will need to implement additional layers of defense that fills in the gaps.

Organizations shouldn’t let these challenges stop them. With the right compilation of security tools and services, they reduce their risk significantly. SoftwareOne, for instance, works closely with customers to develop a holistic offering that helps companies modernize their IT infrastructures while mitigating risk. With the right partner, organizations won’t only enjoy all the benefits of 5G – they’ll also enjoy more peace of mind.

A person walking down a hallway with a rainbow colored wall.

Gain access to industry-leading security experts

Our managed security services help organizations around the globe protect their network – and they’re ready to help you, too.

Gain access to industry-leading security experts

Our managed security services help organizations around the globe protect their network – and they’re ready to help you, too.

Author

Ravi Bindra

Ravi Bindra
CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.