2020 will see huge investments in 5G networks — Greensill estimated that the 5G rollout throughout the global supply chain will top $2.7 trillion by the end of the year. That’s not a number to sneeze at either, as it’s equal to roughly three percent of the world’s total gross domestic product. And while most of the investment will be in the infrastructure rollout, do not forget the other pieces. Hardware, software and services are also among the necessary investments.

So, with all the endpoints we can expect to see, where does mobile security fit into all of this? It’s an excellent question, because how we handle mobile security during the 5G revolution will affect the development of 6G. 5G will bring a new set of issues related to data management, hardware integration, the near ubiquity of numerous new devices connected to networks and privacy. How we handle these issues will undoubtedly influence the future of networks.

Is it too soon to talk about 6G? I’d argue it is not, as we have significantly shortened the time it takes to develop new groundbreaking technologies. Let’s theorize about what these new technologies could be, what the connectivity landscape could look like after the 5G revolution and, critically, how to ensure security in this new world.

A Packetless Internet

Despite the challenges, we may be at a point in our history where we can begin to rethink how our connectivity systems operate. Imagine having the ability to send “the entire message at once” as opposed to bits and pieces, even to mobile devices. Suddenly, current security concerns such as packet loss or data integrity take on completely different meanings.

What does a packetless type of data transfer mean for the Internet Protocol? If file size and latency are no longer issues, do not be surprised if we start having discussions about new types of transport protocols.

Increased Decentralized Computing

Suppose we end up going in the opposite direction and packets are spread all over the place, creating multiple redundancies. All of a sudden, your single point of failure or compromise is gone. When speed and connectivity are no longer serious concerns, does it matter where your data is? From a jurisdictional and privacy perspective, yes, it does. But what about from a technical perspective — does it make a difference? It’s unknown for certain, but as long as your access remains uninterrupted and reliable, it may not make any difference at all.

A Quantum Breakthrough

Quantum computing continues to show promise, but we are still far from the point where quantum mobile devices are ubiquitous in society — we haven’t even reached that stage for quantum computers yet. 5G will still rely on our current methods of encryption, but we may soon see quantum key distribution (QKD) deployed in a mass communication system for the first time. That would truly be a revolutionary security measure, as QKD makes eavesdropping impossible at best and almost instantly detectable at worst.

The Commoditization of Connectivity and Power Consumption

The breakthroughs that may have the greatest effect relate to connectivity availability and power consumption. Imagine devices that have nearly 100 percent connectivity availability and can be run with minimal power. These issues are highly important to information security because they change user habits. This is particularly true for mobile users and mobile security decisions. Why are laptops, tablets and smartphones so much more prevalent? Yes, in part it is because they are powerful devices, but the primary reason why they’re attractive is their ability to connect remotely and operate over time.

As connectivity availability increases and power consumption decreases, more and more devices are going to hit the road. Couple this with increased performance and power, and the question emerges of how many years out we are from “handheld mainframe” computers. Breakthroughs can happen when you least expect them, and they have force-multiplying capabilities.

So while we may be decades away from something so powerful by today’s technological standards, we may have a technological breakthrough five years from now that could shorten that development time considerably. Human imagination and ingenuity is a wild thing, and it may get a helping hand from some artificial intelligence (AI) too.

How to Ensure What’s Next Is Safe and Secure

The next telecommunication revolution will transcend information security and communication security issues. The next revolution will truly be a system of requirements and issues, which is another reason we need to start looking at the issue today. If not, we risk building on top of a house that is already on shaky ground.

I don’t know what 6G will look like, but if we can employ some sound principles to it and integrate new eye-popping technologies into it, then we will truly see a revolution around how we communicate and operate. By doing so, we can also continue to improve upon the current best practices and security controls for the 5G systems rolling out around the world.

The new system should be safe, secure and intelligent and should be built from the ground up using the lessons learned from the better part of 60–70 years of network connectivity. A 6G system needs to focus on a few broad areas to be both safe and secure, including the following:

  • Robust mobile security measures — The system must be able to address standard mobile security concerns. It must be able to prevent the interception, manipulation and exfiltration of data. It also needs to be able to focus on multiple actors and recognize that there will always be a human element to any security concern.
  • Privacy, privacy and more privacy — The security and privacy worlds are morphing into one, and unless privacy concerns are addressed at the beginning, there will be an inherent concern, which may degrade trust.
  • Security by design — The system needs to be robust right from the development stage, regularly tested, and able to learn from testing and potential disruption. It should be so well-designed that there are multiple redundancies — different ways to purge itself of unwanted and malicious data — and it must demonstrate no single point of failure.
  • Show me the money — Any 6G system must be economically tenable over time. Neither the unlimited pot of gold nor the money tree has been discovered yet.

When Will the Next Generation Arrive?

We have come a long way from the 1G systems unveiled in the late 1970s and early 1980s. Even then, adoption rates were relatively slow. It wasn’t until the 1990s when mobile communications took a big leap, with 2G systems opening up the door to a new world of possibilities. 3G brought us mobile broadband connectivity, and by the late 2000s, 4G was deployed. If we use these time frames as estimates, we’re looking at about 7–10 years until a 6G deployment. These days, that’s practically right around the corner.

It is quite possible that when we look back, 5G may look more like a 2G-type breakthrough — a “wow, we can really do this” leap. In hindsight, it’s safe to assume we were overwhelmed during the 3G and 4G eras. Therefore, the time is now to address the mobile security, privacy, design and economic issues of 6G development and deployment, particularly in light of the many new technological breakthroughs we can expect to see in the coming decade.

more from Endpoint

IOCs vs. IOAs — How to Effectively Leverage Indicators

Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs) and indicators of attack (IOAs) for an effective monitoring, detection and response strategy. Inexperienced security […]

TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware

Malware authors use various techniques to obfuscate their code and protect against reverse engineering. Techniques such as control flow obfuscation using Obfuscator-LLVM and encryption are often observed in malware samples. This post describes a specific technique that involves what is known as metaprogramming, or more specifically template-based metaprogramming, with a particular focus on its implementation […]