As smartphones become increasingly advanced, wireless networks need to keep up. By 2020, over $2.7 trillion will have been injected into upgrading mobile networks to 5G. The fifth-generation cellular network is set to bring users a much faster and more reliable connection than its predecessor, 4G.
And it’s not just mobile devices that need to be considered from a data management perspective. The growth of sim-enabled laptops, tablets and connected devices for the IoT ecosystem means more devices are becoming enabled cellular networks. By 2022, over 70% of the total IoT devices are expected to be connected using cellular technology. 5G will provide the bandwidth required to support the IoT ecosystem, paving the way for a new era of “smart cities” where infrastructure is connected via 5G.
While the advantages of upgraded cellular networks are clear, there are fears that 5G networks could render users and organizations more vulnerable to cybercrime and surveillance. Indeed, the Executive Director of the UK Information Commissioner’s Office, Simon McDougall, has stated that 5G poses “dramatic challenges” to privacy and personal data, labeling the potential uses as “creepy” and “intrusive”.
So, should businesses be excited about the upcoming proliferation of 5G, or concerned about becoming easier targets for cybercriminals?
What advantages does 5G offer?
Perhaps the most notable advantage of 5G is its speed. With a data transfer capability around 10 times faster than 4G, there will be a massive difference when it comes to downloading things like films. In fact, it is estimated that it will take less than a second to download a movie using 5G, something that can take up to ten minutes on a 4G/LTE network.
5G’s speed will prove massively beneficial to businesses. Advantages including faster apps, file sharing, and communication capabilities for staff will ultimately improve efficiency and productivity, leading to cost-savings and greater revenue. Many experts also believe 5G will significantly bolster people’s ability to work remotely in places where it is currently difficult to access reliable, high-speed internet. This is a huge perk to businesses looking to reduce office expenditure.
5G will be decidedly less laggy than its predecessors. Networks can handle 5G data a lot more efficiently compared to 4G, meaning there’ll be reduced delays or glitches during multiway conference calling, an enhanced ability to remotely control devices, and improved functionality of AR and VR applications. In fact, 5G has a latency period of around one millisecond, which is 40-50 times shorter than the latency of a 4G connection. Perhaps even more significantly, a wide range of IoT devices—including smart cars, firefighting drones, and even surgical equipment—will soon be powered by 5G.
This reduced latency is expected to be transformative for businesses, enabling employees to communicate more efficiently with one another and clients. 5G will also allow organizations to better harness the power of IoT and connect more devices together, thus evolving operations. According to Bytestart, this will be particularly useful to those in agriculture, as “the sector can use sensors to detect and feed information in real-time…enabling farmers to ensure the maximum yield from each crop”. Meanwhile, manufacturers will be able to deliver products faster and more cheaply due to 5G enabling greater automation of their processes.
Cell towers equipped with 5G technology will have much greater capacity than 4G. As such, more people—and more devices—will be able to communicate at the same time. This means there will be improved connectivity in densely populated areas, or when lots of people are connecting to the same network at big events, for instance, as well as for IoT devices in general. Small Business Trends noted that improved IoT connectivity will particularly benefit SMEs, pointing out the uses of “device-to-device communications for up to a million devices per square kilometer”.
What risks might 5G pose?
Expansion of the attack surface
IoT devices are already exposing people to more cybersecurity threats due to the increase in entry points to personal networks and the lack of security standards in place for these devices. The rise of 5G will exacerbate this issue by making IoT devices more accessible to the public, expanding the attack surface and giving cybercriminals more opportunities to harvest data. As devices become increasingly interconnected, just one breach can enable a more widespread attack. This problem is particularly pronounced for businesses, with over a third already using IoT devices—a number that is expected to keep rising.
Increased vulnerability to DDoS attacks
The deployment of 5G could also lead to more severe types of cyberattacks. One example could be from distributed denial-of-service attacks (DDoS), which could not only become more common but more severe. Typically carried out on businesses, DDoS attacks involve a hacker taking control of multiple systems—usually by infecting them with malware. These are then used to create a network of machines, known as a botnet, which try and cripple a single system or network. To do this, the cybercriminal will flood a network with traffic by sending requests for service from the infected devices. This overwhelms the network and prevents normal traffic from being able to access it. This is often used as a “smokescreen”, since it distracts the target while another, even more serious attack—such as data theft—is carried out.
Hackers typically target interconnected devices. With the number of linked 5G devices set to grow, they will be capable of infecting more devices and generating an overwhelming amount of traffic at a much higher rate. Moreover, the increased bandwidth of 5G networks means that future botnets may not need to take control of as many devices to successfully overload their targets.
In addition to the threat of cybercrime, 5G could see us hurtling towards an Orwellian future. To reach the speeds promised by the mobile networks, new bands of the electromagnetic spectrum—the range of frequencies of electromagnetic radiation and their respective wavelengths—must be opened. To achieve this, 5G relays will need to be installed in everyday places like buildings, street corners, and even traffic signals, due to the current limitations of antenna technology. A system of millions of antennas, sensors, and cell relay devices mounted seemingly everywhere provides potential surveillance on an unprecedented scale, especially if governments are to run the 5G networks. It’s estimated that relays will need to be fixed to 13 million utility towers to service around half the U.S. population.
It’s not just government surveillance people should be worried about. Companies such as Amazon have already come under fire for the intrusive nature of their IoT devices. The e-commerce giant has filed for a patent to create an Alexa device that eavesdrops on user conversations and adds the information gathered into a database. This is then used for advertising purposes. As 5G will likely lead to IoT adoption soaring, this invasiveness could become even more widespread.
How can users protect themselves?
Create a strong layer of authentication
Research shows that over a quarter (28%) of smartphone users don’t use a screen lock to protect it, while only 9% use a password. Poor security enables hackers to easily gain access and control devices, which can be catastrophic for 5G users, and renders company data vulnerable if the targeted device is a corporate one. Consequently, business owners should make sure employees set a screen lock and a password that is hard to guess—the likes of ‘password’ or ‘12345’ simply won’t cut it. Including at least 12 characters and a mix of numbers, symbols, and capital letters makes a cybercriminal’s task much harder.
To add an extra layer of security, biometric authentication is becoming increasingly popular, and 90% of businesses will adopt this technology by 2020. This is where the user confirms their identity using a unique body feature, such as a fingerprint or by scanning their irises. While no authentication method is 100% bulletproof, biometric information cannot be guessed or stolen in the same way password credentials can be.
Businesses may also want to implement a Zero Trust model, where nobody within the corporate network is trusted. This type of model replaces the view of ‘trust but verify’ with ‘never trust, always verify’. Just because a user has the authentication required to access a particular resource does not mean they should be trusted. For instance, an employee may access the network legitimately, but there’s nothing to say the device they are using can be trusted. This is how insider threats can cause security breaches, or users can be coerced into inadvertently doing something malicious.
Utilize mobile security solutions
With the increased potential of cyber threats to mobile devices, 5G all but demands businesses to invest in a multi layered approach to security that covers all endpoints. Employees increasingly use multiple devices interchangeably, flicking between phones and desktops to do their work. Each factor needs to be assessed in terms of potential risk posture and security strategies need to be tailored accordingly. There are a range of solutions to choose between to help keep company data safe, with no one size fits all typology.
Business owners should also ensure that employees keep their devices up to date with the latest operating systems. These typically amend security and privacy issues users have experienced with the previous version, as well as implement corporate security features that benefit businesses immensely. Keeping software up to date gives devices the most robust solutions.
However, it’s important to be vigilant with regards to operating system updates. A recent example which highlights this importance is Apple’s iOS 12.4 update. Security researchers found that this update reintroduced a bug that was previously fixed in iOS 12.3, making it relatively easy to jailbreak and hack up-to-date iPhones.
Be vigilant with how staff use company devices
The Google Play Store is an open platform offering a large pool of apps, and it has a much less stringent review process than the Apple App Store—although the iOS system isn’t without its own vulnerabilities. This means there’s a higher chance of the Play Store hosting potentially harmful content. For instance, malware is often repackaged to resemble a popular app, duping users into downloading malicious software, and infecting their device in the process. This can render company data on these devices vulnerable.
Indeed, security issues caused by apps on the Play Store have plagued both businesses and individuals alike in recent times. One of the worst cases was the “Agent Smith” campaign, where 25 million Android devices were infected when malware copied popular apps and replaced them with weaponized versions. To avoid being burnt by a similar campaign, there are a few things business owners can encourage employees to look for:
- Reviews: Legitimate apps should have a significant number of balanced reviews. Fake apps often have very few reviews, often with all 5-star ratings.
- Downloads: The more downloads an app has, the more likely it is to be legitimate.
- Date Published: If downloading a long-established app, such as Whatsapp, but it says it was published just a few months ago, this is a tell-tale sign the app is fake. Instead, look for an “updated on” date.
- Developer: It’s worth doing a quick Google search on the developer of the app. If the developer has created a number of apps, they are more likely to be legitimate.