Sunday, 20th September 2020

How safe is 5G?

By Dan Schiappa, Executive Vice President and Chief Product Officer, Sophos.

Where do you think we will see the first uses of 5G?

Already we are beginning to see the start of 5G implementation, mainly in handsets and laptops. Soon, with the boom in IoT devices created to leverage 5G, 5G radios will become pervasive across the workplace. Whether employees are working at headquarters or in a home office, 5G radios will be embedded in everything from computers to copy machines to break room vending machines. As an increasing number of people work remotely, the business could be exposed as a result of employees’ home IoT devices, which makes it even more necessary for organisations to ensure that their distributed environments are secure.

What do you think is the biggest security issue with 5G?

As with 3G and 4G before it, lack of visibility with 5G is and will continue to be an issue. But because of 5G’s speed and potential to move exponentially more data, with connectivity that will surpass current broadband, visibility will be a bigger issue than ever before.

At best, what we’ll be able to see in a 5G environment is whether a device is using a 5G radio but not what’s actually being transmitted over that radio - making it challenging to spot suspicious activity. With a spectrometer we can see 5G radio activity, for example, but we won’t be able to distinguish good versus malicious 5G activity, since we can’t see what is included in that communication path.

The security risk is especially high with unmanaged devices, since hackers may be able to exfiltrate data, undetected. This doesn’t mean there aren’t challenges involved with managed devices too. Hackers may not be able to go completely undetected throughout the attack, but they still might use the 5G backchannel to exfiltrate data. Nevertheless, it’s almost impossible to manage the risks if you don’t know what exists and what’s happening within your environment, which is why visibility with 5G will be such a problem.

To gain some insight into traffic and notice anomalous communications from a threat perspective, organisations may mandate that IoT devices in the environment are connected to the corporate Wi-Fi. If you can put an agent on manageable devices, you will be able to identify that something unmanaged is talking over the 5G radio. That doesn’t mean you’d be able to decipher what that device is actually saying, making it incredibly challenging to spot attacks while they’re happening.

What opportunities does 5G present for hackers?

Today, most devices in enterprise environments aren’t equipped with 4G chips, as 4G isn’t significantly faster than Wi-Fi. 5G technology, however, improves on its predecessors with higher bandwidth, faster speeds and lower latency, which will undoubtedly make it more ubiquitous than 4G ever was. While these features are certainly beneficial, they’ll also be part of the challenge, since hackers will be able to exploit the ever-present nature of it for their own gain.

The ubiquitous bandwidth – and its efficacy – presents the biggest opportunity for opportunistic hackers, who won’t need to change their tactics to realise the rewards. Say for instance that, due to lack of visibility an attacker covertly gains access to a copy machine embedded with a 5G radio, thereby gaining access to all the sensitive information on the machine. Supported by the bandwidth and speed of 5G, the attacker can quickly extract all that data – without raising red flags within the organisation.

The unfortunate truth is that if an organisation has an advanced attacker in their network, that attacker is already looking for additional ways to reap more financial reward. 5G doesn’t demand greater skills from hackers, as they can use the same attack methods as with 4G to enter the network. What 5G does enable them to do is much more damage at a quicker rate, since they can take huge amounts of data at unprecedented speeds.

What can businesses do to protect against 5G threats?

Businesses shouldn’t avoid obtaining devices with 5G just because there are potential security risks. Instead, they must understand that they will eventually have many 5G devices in their environment and take the necessary precautions to secure their corporate infrastructure. Here are a few ways businesses can proactively prepare for and mitigate such risks:

·5G can create a backdoor to your network. Think about network segmentation, what you allow in your environment, and start planning for an internet-facing IT infrastructure. Ensure there’s nothing that you don’t have visibility into. This doesn’t require you to tightly manage it, but you do need to have visibility and manage it as much as necessary.

·Identify unmanaged devices in your environment. This might be difficult if they’re only communicating through 5G, but if they’re also on Wi-Fi, you may be able to find them through network scans. Endpoint detection and response (EDR) products that observe all network connections to and from managed devices can also help you discover unmanaged devices. Doing a query to find all communications to and from an unmanaged IP or MAC address could provide that discovery.

·If nothing else, using traditional encryption and access controls will provide a good level of security for your data and access to it.

As new infrastructure and services are continually implemented, keep these risks in mind and be conscious that this is something else you need to be considering. Ultimately, the arrival of 5G will highlight the need for protection at every layer of the environment, and businesses will benefit from starting today.

How IT managers protect corporate networks from targeted attacks By Chris Connell, Deputy Vice Pre...
Why business decision makers should expand their network security strategy, By Chris Connell, Deput...
By Joseph Carson, chief security scientist at Thycotic.
By Miles Tappin, Vice President, EMEA at ThreatConnect.
By Jesper Frederiksen, VP and GM EMEA at Okta.
By Keith Banham, mainframe R&D manager at Macro 4, a division of UNICOM Global.
By Mikkel Stegmann, Principal Scientist at Fingerprints.