While many are talking about 5G, some may not know exactly what 5G means, how it may impact us, and in respect to National Cybersecurity Awareness Month, how it may impact cybersecurity.
What is 5G?
5G refers to the 5th generation of wireless mobile telecommunications technology. Since 1G was introduced in the early 1980s, a new wireless mobile telecommunications technology has been released nearly every 10 years. As you might expect, each generation has improved speeds and functions in comparison to the previous generation.
- Early 1980s - 1G: Voice Calls Only; an analog technology. Maximum Speed: 2.4 Kbps.
- 1991 – 2G: Introduced call and text encryption, picture messages and SMS/MMS. Moved from analog to digital technology. Maximum Speed: 1.3 Mbps, typically around 50Kbps.
- 1998 – 3G: Enabled data-demanding services such as video calls and mobile internet access. Maximum Speed: 2Mbps (when stationary); 384 Kbps (when moving).
- 2008 – 4G: Current standard which enables HD streaming, video conferencing, augmented reality. Maximum Speed: 1 Gbps (when stationary); 100 Mbps (when moving).
- 2018 – 5G: Limited rollout currently that can offer faster data rates, increased device connections, energy savings and lower latency. Maximum (theoretical) Speed: 20 Gbps per second.
Companies are racing to have the fastest or largest 5G networks and countries are competing to be the first to deploy fully functional, nationwide 5G. Why? Because the benefits of the new technology are expected to spur transformative new technologies for people and businesses across the world.
What could 5G mean for me?
As mentioned previously, 5G is aimed to be drastically faster; the fastest 5G networks are expected to be at least 10 times faster than 4G LTE, according to wireless industry trade group GSMA. Some other projections state that 5G could eventually be 100 times faster than 4G. This would mean you could theoretically download a two-hour movie in fewer than 10 seconds, versus around 7 minutes on 4G. Actual download speeds will depend on a number of factors, including location and network traffic, but 5G also promises to enable greater bandwidth. This means that your spotty cellular connection may become a thing of the past.
5G could set the foundation for real-time mixed reality, machine-type communication, mass-market self-driving vehicles, and other technology we cannot even yet imagine. Significant adoption of 5G is going to take years however — as according to Ericsson’s June 2020 Mobility Report, it estimates that 5G coverage is expected to reach 55-65% of the world’s population by the end of 2025 - the rest will be older technology, like 4G and 3G.
5G and cybersecurity
There are concerns about the security of 5G, especially since technologies such as self-driving cars and healthcare systems have health and safety implications are likely to be built on top of the network. With 5G, there will be some security improvements, such as the introduction of International Mobile Subscriber Identity (IMSI) encryption. The IMSI is key to authenticating your device as it travels on a network. 5G networks will use a key embedded in your device’s SIM card to encrypt your IMSI before it is sent to the network. This protects information about who and where you are and how you use your wireless network, improving both your personal and the network’s security. Experts still see security vulnerabilities, however, as all that speed and potential can amplify the existing attack methods of malicious individuals and enable the development of whole new ones.
Some 5G vulnerabilities are at the network level. Unlike its predecessors, 5G does not use centralized, hardware-based switching but rather distributed, software-defined routing. This eliminates central points where inspection and control could be focused. Some vulnerabilities will be on the user level. Because 5G enables increasing the number of connected devices, those devices will, in turn, need to be secured and hardened. Faster speeds can enable faster business operations but can also enable faster security compromises and exfiltration of data from systems.
How to prepare for 5G risks
As risks and vulnerabilities increase, the need to prepare and plan responses and mitigations increase in kind. By cultivating a security-first mindset and the ability to make risk-informed decisions, organizations can be more prepared to securely use new and emerging technologies, like 5G. Organizations must also work with their vendors and service providers to assure that 5G-enabled devices meet established security standards, such as aligning with the National Institute of Standards and Technology (NIST) 5G Cybersecurity guidance. In addition, organizations must advance their deployment of artificial intelligence, machine learning and automation to identify, detect and respond to the rapidly increasing volume and velocity of attacks, experts said. Finally, implementing zero-trust security is critical, given the exponential growth of connected devices and the speed of 5G. Perimeter security tools, like firewalls, will not be able to protect everything, so each device must ensure its own security. That is the theory of zero trust - trust nothing and validate everything.
-Submitted by Jonathan Wagner