By AI Trends Staff
South Korea has rolled out the world’s first 5G network, with speeds 20 to 100 times faster than 4G. Along with the anticipated rollout of 5G in other countries, which will bring a boost in users of higher-capacity wireless devices, are security concerns.
Many organizations will have to change or restructure their cybersecurity strategies to deal with the new platform, suggests an account from Malwarebytes Labs.
The account identifies ways the rise of 5G can have an impact on a company’s cybersecurity. For example:
New risks will surface. By way of comparison, the Mirai botnet in 2016 executed a denial-of-service (DDoS) attack that took down most of the internet on the east coast. The attack spread through thousands of insecure IoT devices, including security cameras. The creator of Mirai had intended to take down rival Minecraft servers, in order to make more money. The effect on the overall internet was an unintended consequence. When 5G networks roll out, devices will be powered on and connected from a variety of mediums, increasing risk.
Increased Bandwidth Creates New Threat Opportunities. Many of today’s security services monitor traffic in real time to identify threats based on activity and sniffed data. For example, if someone in-house is visiting a flagged URL, it could be an inside threat. Because network capacity, security and traffic can be managed today. With 5G speeds and capacity, that may no longer be the case. It could be that many of today’s cybersecurity solutions may no longer work in the 5G network.
Security Automation May Be Required. Security automation and integration is when the security architecture and system in use is connected across the operation. Data must sync between security layers. Attackers are likely to use physical means and digital means to attack, and move between the two. They are likely to use a combination of strategies and attacks to gain unauthorized access. This has been shown by Emotet’s polymorphic, multiple module attacks or CrySIS ransomware’s versatile attack vectors. (Users: Do not click on suspicious attachments, and use strong passwords.)
Complexity of 5G Network Security Will Make AI Required
AI will be required to secure 5G networks, suggests an account from threatpost. That was an assessment from the GSMA Mobile 360 Security for 5G conference held in May in the Netherlands.
The authors set the stage by noting that the existing telecom networks are built from a hardware-centric perspective, using the vertical-stack Open Systems Interconnection (OSI) model. This includes a heavy reliance on hardware big routers and switches with device-specific software. Functions are hard-coded. Extensive support systems are needed to carry out management and orchestration functions.
In contrast, 5G takes a page from the world of enterprise IT and the cloud, according to Brian Wagner, head of security, risk and compliance for EMEA at Amazon Web Services. “Security is no longer a silo that sits in a separate area,” he said, during a keynote at the conference. “Security is not compliance anymore, and vice-versa. These networks will consist of largely commoditized technology. So, you have to upgrade your tools, take a risk-based approach and be transparent.”
In a 5G network, hardware servers are abstracted from the software; all functions are virtual; a packet core network is software-defined and programmable, able to make changes to services on demand. Thus, 5G networks will be capable of supporting literally billions of endpoints generating data, all with potentially custom network services.
Achieving visibility into this very different and more complex environment is something network managers have not had to do before.
AI will be required for intelligent, adaptive security management and automation, the speakers suggested. The technical switch to a software approach and dynamic updating will be a challenge. The AI algorithms will need to be trained with a tremendous volume of security knowledge, suggested Martin Borrett, CTO and engineer at IBM Security, who has been working with the company’s AI platform, Watson.
Read the source articles in Malwarebytes Labs and threatpost.