Endpoint
August 12, 2019 By Sue Poremba 3 min read

5G technology is almost ready to take off in the U.S. While the upgrade was set to go live in 2020, some major cities have, or will soon have, access to the faster wireless speeds — if your device is 5G compatible (a limited few are).

That’s where some security professionals raise a red flag. According to research conducted by Positive Technologies, devices that currently run on 4G — i.e., just about everything we use — will have vulnerabilities. Internet of things (IoT) security, which is already shaky, could be particularly troublesome with the move to 5G, with a risk that the increasing number of IoT devices could end up becoming a treasure trove of botnet farms.

5G Technology Will Revolutionize Digital Transformation — And Cyberattacks

There is a lot to be excited about with 5G technology. Data sharing will be much faster, allowing all types of organizations to move more quickly and efficiently into the digital world. It will also allow for the use of digital technologies that may not be possible with 4G for some organizations. For example, Tom’s Guide pointed out that 5G can transform the learning experiences of school children by enabling augmented and virtual reality learning opportunities. In industries that require fast communications and transmissions, 5G can literally be the difference between life and death.

However, 5G is equal opportunity. All of the advantages it provides for legitimate organizations and people who see it as a way to improve both work and play are also going to be there for malicious hackers and cybercriminals. Hacking into 5G will be as simple as hacking into the web, according to the Positive Technologies report.

“The average web application contains 33 vulnerabilities, and 67 percent of web applications contain high-risk vulnerabilities,” the report stated. “Lowering the penetration threshold will pave the way for an upswing in attacks on 5G networks.”

The additional complexity allowed by 5G technology will also open more doors for threat actors to get into networks, making it more difficult for security professionals to effectively protect endpoints and data. There are concerns that 5G networks will be at greater risk of denial-of-service (DoS) attacks. And with data transmitting faster than ever, as USA Today noted, the tech could have a negative impact on organizations’ ability to maintain compliance with privacy regulations.

Addressing IoT Security in a 5G World

Still, IoT security looks to be the greatest challenge, because there will be billions of these connected devices on 5G wireless networks. Security is already an afterthought in the IoT, which makes the devices particularly attractive to cybercriminals. We are currently seeing an uptick in malware targeting the IoT, such as Silexbot, which made unsecured devices unusable. And Mirai, malware that turned web cameras into bot farms, has returned in new variants.

Because 5G technology will allow for faster, more seamless connections, reliance on the IoT across all types of organizations will increase exponentially. Smart businesses will take advantage of implementing more artificial intelligence and machine learning, from factory floors to HR departments. At the same time, if we rely on the same IoT security practices we have been using, we have to expect that hackers will hit hard, taking down these systems quickly and frequently. The more a business depends on 5G connected devices, the more at risk they are for impending downtime and security breaches.

Protecting IoT devices on a 5G network will require redefining how we think about wireless security and the overall security framework. It starts with thinking through the vulnerabilities already existing in your 4G world. Protocols will need to be updated and new standards put in place. This one step could go a long way toward stepping up security for all of the endpoints on a 5G network.

From DevSecOps to Data Privacy

Now more than ever, security is necessary in DevOps — adding a layer of security in devices from their conception. It is always better to add end-to-end encryption and other security measures from the get-go, rather than try to incorporate them after the fact, after threat actors have already infiltrated the devices on a 5G network.

Additionally, data privacy laws are new enough that most IT decision-makers, chief information security officers (CISOs) and other security leaders are still trying to figure out all the details. These laws may end up making their impact on IoT security in a 5G world, as the amount of data will not only increase, but also move at a faster rate.

When 5G truly comes online for most of us, it will be a boon to business operations and digital transformation. But if we don’t pay attention, it could also add unwanted cyber risk to the threat landscape. Organizations must improve IoT security, and their entire security framework, to avoid data breaches and other cybersecurity incidents.

 |  |  |  |  |  |  |  |  |  |  |  |  |  | 
Sue Poremba

More from Endpoint
November 28, 2023

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

October 30, 2023

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 5, 2023

Does your security program suffer from piecemeal detection and response?

4 min read - Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud) Spending too much time or energy on integrating detection systems An underperforming security orchestration, automation and response (SOAR) system Only capable of taking automated responses on the endpoint Anomaly detection in silos (e.g., network separate from identity) If any of these symptoms resonate with your organization, it's…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature