The global deployment of fifth-generation wireless networks is as fraught with peril as it is with promise.
The allure of 5G is obvious: Data speeds are up to 100 times as fast as prevailing 4G and 4G/LTE service, and 5G offers immense network capacity that promises to connect billions of people and devices. The exponential leap in cellular bandwidth and digital interconnectedness has the potential to revolutionize markets, from health care and entertainment to industrial manufacturing and the energy sector.
Unfortunately, the means through which 5G technology was developed and standardized also opened security holes that threaten critical infrastructure around the world at precisely the time that cyberattacks are on the rise.
According to security analytics software developer Cognyte, in the first half of 2021 alone, nearly 1,100 organizations fell victim to ransomware attacks, roughly twice the number during the same period in 2020.
To appreciate the extent to which bad actors are willing to go to disrupt critical infrastructure, look no further than this year’s Colonial Pipeline ransomware strike, which brought the largest fuel pipeline in the US to its knees.
Similar attacks forced the closure of banks and the national postal service in New Zealand and triggered the partial shutdown of India’s electric grid. And as we saw last winter in the US with the deadly energy-grid failure in Texas, our systems break when placed under stress, and yet we’re simultaneously asking them to increase their complexity and digital interconnectedness.
The underlying issue with the 5G cellular standard is that it is an open architecture designed for commercial applications by an international coalition of technology companies, with heavy input from state-owned Chinese firms, including Huawei Technologies.
As an open-source, commercial standard, 5G suffers from a general lack of encryption and is riddled with vulnerabilities, nearly a thousand of which have yet to be resolved by the governing 3GPP (Third Generation Partnership Project) standards body.
This raises concerns about the influence China may have exercised over an industry standards-making body – and about the number of back doors and man-in-the-middle vulnerabilities through which unsecured data can be siphoned off or manipulated.
As a point of reference, a 2019 report released by IoT (Internet of Things) cybersecurity specialist Finite State looked into Huawei Technologies and found that 55% of tested Huawei devices had at least one potential back door. In its summary of findings, Finite State concluded that “if you include known, remote access vulnerabilities along with possible back doors, Huawei devices appear to be at high risk of potential compromise.”
Then there is the sheer complexity of 5G implementation. While it is undeniably faster than its wireless predecessors, 5G creates many more routing points that must be secured. The speed and volume of 5G data mean that network security monitors must be at least as fast.
And this doesn’t even begin to take into account the billions of industrial IoT sensors that are deployed throughout the world, each of which provides a potential home for malware to roost.
One consequence of the way many countries organize their telecommunication and computing networks is that they leave too much room for intentional – and even unintentional – interference.
A power-plant manager who chooses to e-mail sensitive files to his home computer without first encrypting them may have no nefarious intent but is breaching security nevertheless. Likewise, data piped from an unassuming cellular customer across 5G networks may travel hundreds of kilometers before it reaches the data center, leaving a trail that hackers can easily exploit.
To date, most data security software has been applied as an afterthought – as a patch to the outside of the network. A better approach is to provide security from the inside, beginning with the data layer, to ensure trust is maintained throughout the data value chain.
This can be achieved by combining the communications network and data center into a single, hardened piece of infrastructure. The close physical proximity of the radio tower and server has several advantages over today’s disaggregated equipment configuration.
First, by consolidating the two into one hardened infrastructure, we dramatically simplify the job of physically protecting it – even from a high-altitude nuclear detonation in the form of an electromagnetic pulse (EMP) attack.
Second, data can be encrypted at the source, both at rest and when in motion.
And third, we naturally reduce latency and backhaul costs by eliminating the need to ship data across the country to and from data centers run by people who are not responsible for ensuring the safety, security and reliability of the energy grid.
In the end, you’ve built a secure, local compute environment where a chain of trust protects your critical infrastructure from external threats.
This hybrid communications/compute model is then governed by redundancies such that a single person is never allowed to run the network or perform unattended software updates.
With this operating model, the global telecommunications industry has the opportunity to overlay its 5G networks with a secure, intelligent firewall that encrypts data traffic, monitors endpoints for anomalous behavior, detects and profiles known good behavior, and creates a barrier to future attacks – in real time, not after the fact.
It’s time that the world’s telecommunications service providers and data-center operators wake up to the need for a hardened infrastructure that can be adapted to take advantage of the speed, low latency and intelligence that 5G offers without succumbing to its susceptibilities.
We live in an age when our personal privacy rights, national sovereignty and democratic principles depend more than ever on our ability to access and manage secure, interconnected data.
If the old defense posture was “Know your enemy, and know your terrain,” today it’s “Know your enemy, and know your data.”