5G is no longer a futuristic concept, but a modern reality. With major network operators announcing the new era of intelligent connectivity earlier this year at Mobile World Congress, there is no doubt that 5G will play a leading role in shaping our future. In fact, according to Ericsson, in just five years’ time over 1.5 billion of us will be connected to 5G.

However, amidst this excitement, the IT community has been speculating over the implications of 5G’s launch, questioning what exactly it means for the cybersecurity landscape. If history has taught us anything, it’s that rapid technology advances and adoption is a double edged sword – it can build and destroy quickly. As a recent Gartner report found, in less than a year two-thirds of organisations plan to deploy 5G, making it imperative that they prepare for a fresh wave of cyber threats, set to be unleashed on an already vulnerable environment.

5G and IoT: an exploding attack surface

Widespread opinion is that 2G, 3G and 4G were designed for people, whereas 5G is a new generation of wireless technology, specifically designed for ‘things’, causing many to instantly associate it with the Internet of Things (IoT).

As the IoT infiltrates every aspect of society and business – whether that be across smart cities, banking or as part of a nation’s critical infrastructure – it has been suggested that we will depend on 5G more than all earlier communication systems. The technology has the ability to improve efficiencies at every level, increasing network bandwidth, speed and reach, while simultaneously lowering latency across almost every vertical. This allows it to not only move more data and be more responsive, but do so in smaller, micro-networks. In other words, 5G holds the potential to connect considerably more devices, in considerably less time.

For enterprises, however, the connective power of 5G means a greater number of network endpoints, resulting in more possible openings through which an attacker may penetrate the network. Once compromised, these openings can be exploited at a new speed and scale. Concerns over poorly regulated 5G technology have already led researchers to discover a flaw in 5G’s security protocols, allowing cybercriminals to intercept communications and steal data.

5G technology can also enable the weaponsiation of IoT devices in botnet attacks. By allowing more devices to connect, 5G can potentially enable them to become part of a malicious botnet, through which hackers can launch more powerful Distributed Denial of Service (DDoS) attacks. These issues are already high on the priority list, with recent research from the Neustar International Security Council (NISC) revealing that 75% of security professionals are concerned about the impact of bot traffic on their organisations, while DDoS attacks once again ranked as the greatest overall concern.

Image Credit: Shutterstock (Image credit: Shutterstock)

Adopting a risk-based approach to 5G security

With the growth of the IoT and the arrival of 5G guaranteed to impact the cybersecurity landscape, it’s more important than ever that companies take the time to assess their security strategies. A thorough asset management system will be vital for organisations to keep track of where they have a presence, particularly as the explosion of attack verticals can result in security gaps. In addition, practices and tools that are already in place – such as identity authentication systems, event and incident management tools, and data governance policies – will need to account for the new outer edges of the network. For organisations not currently in a regulated industry, adopting formalised security standards can be beneficial for establishing an appropriate focus.

That said, even companies that do everything right are still under threat. As 5G technology connects more and more IoT devices, “the enterprise perimeter” will widen so significantly that it will all but disappear. Compromised devices will have access to greater bandwidth and, from DDoS attacks to potential malware infections, the scope for hackers to cause havoc will only increase. This is why deploying a risk-based approach to security will be critical, ensuring that high-risk areas are seen as the biggest priority, in order to minimise damage.

As with any innovation, 5G will spur new use cases across vertical industries that will require modern levels of security. While the technology offers an array of new possibilities to consumers and holds the potential to transform industries within both the public and private sector, it is crucial that cybersecurity is kept front of mind throughout every stage of the deployment process.

James Willet, VP of Professional Services at Neustar Security Solutions