5G technology will enable many ground breaking application scenarios. However, increasing networking also increases security risks. NTT believes a security-by-design approach is essential, so security must be an integral part of 5G infrastructures from the start.
The new 5G network standard offers many advantages, such as low latencies, high bandwidths and data transmission rates, and reliable communication connections. However, the introduction of 5G brings with it the risks known and partially assumed from its predecessors and new dangers and weaknesses. As 5G enables entirely new applications, ranging from the Internet of Things to autonomous driving and smart cities, many troubles are still unknown.
In any case, the introduction of 5G technology and its components increases the attack surface compared to previously used technologies, if only through the increased use of software and new services and the high number of networked sensors and devices. This increases the threat potential for a company considerably. The specific dangers include malware, DDoS, and “man-in-the-middle” attacks.
But who will target 5G? The list of potential attackers is long. Cybercriminals, especially in organized groups with the appropriate know-how, can use 5G for data theft or financial fraud. The expanded 5G attack surface can also increase the risk of a company facing insider threats – either from an inexperienced user who inadvertently causes disruption or from a malicious insider who takes advantage of access to critical network functions to cause widespread damage to prepare. In addition, it is conceivable that hacktivists will try to target the technology itself – or the bodies responsible for expanding the infrastructure – as there are also health concerns in some cases in connection with the radio systems used by 5G.
Last but not least, 5G technologies are likely to be of particular interest to state attackers, for example, for espionage and military purposes. Control over networks and devices could easily give one government insight into another state’s communications – and even the ability to disrupt those communications. There is a particular danger when a government can control the manufacture of 5G components.
The sometimes immense 5G dangers that result from the extensive networking of devices, services, and applications have led many researchers and engineers to work to contain the threats. “This is good news because security is all too often neglected when new technologies are introduced and only considered afterward. Subsequent integration of security functions is complicated or can only be implemented at an extremely high cost,” explains Sebastian Ganschow, GTM Manager Security at NTT Ltd.
NTT’s Security Division recommends that organizations consider potential security risks from the outset and take necessary countermeasures when implementing 5G, as with the introduction of any new technology. All 5G implementations should always be strategically planned, considering the security implications, monitoring capabilities, and configuration options to minimize negative consequences.
In addition, it must be ensured that products and solutions are only purchased and used from verified providers who adhere to strict security regulations for the supply chain. In addition, your security guidelines should apply to the entire 5G supply chain. Under these conditions, it may be that an immediate, secure 5G use in a company’s network environment is not always possible. “Not only the time factor should be the decisive criterion when using 5G, but security should always have a high priority,” emphasizes Ganschow. “The same applies to 5G: early integration of security functions based on the principle of security by design.”