After many years of promises, we’re finally on the cusp of the 5G era. 5G, a new cellular wireless technology, is expected to provide connectivity to everything and perform data transfers at speeds that far exceed anything we have seen in the past. It will truly be the golden age of communication and automation, available, barring privacy and government restrictions, everywhere and at any time.
5G will disrupt mobile device technology, unseating 4G, LTE, and older 3G and 2G technologies. Home and commercial broadband and internet access will change and will not require cable, POTS, satellite, or even fiber to provide high-speed access to everyone. New applications for information sharing will emerge between devices and people.
Oh—and the security ramifications will become a potential concern for everyone and everything. This requires particularly careful consideration.
According to Verizon Wireless, the throughput of 5G will peak at 10 Gbps (compared to 953 Mbps for 4G LTE) and will be accessible to devices traveling at 310 mph. This means any 5G device (mobile phone, IoT, and other) will be able to transmit or receive incredibly large quantities of data, even when traveling at speeds above any land-based transportation, and nearly half the speed of a commercial airliner. This creates a new attack vector for threat actors that the world has not seen before.
Here are some of the significant cybersecurity challenges posed by 5G:
- Large quantities of data can be exfiltrated from an organization in a few seconds via a 5G-enabled device.
- Exfiltrating large quantities of data no longer requires hacking the cloud, relying on removable media, or egressing data through a firewall. The data can be routed through a cellular network by a malicious 5G device that has access to an organization’s information.
- Threat actors can now use “true drive-by” hacking techniques to communicate with rogue or compromised 5G devices to exfiltrate data, perform command and control, or maintain a persistent presence, because communications to compromised or rogue 5G devices can occur at high velocities. Considering that over 400 million 5G-enabled devices are expected to be shipped in 2022 alone, hacking the devices will become a new attack vector for a persistent presence.
- Finally, 5G represents a new attack vector for Distributed Denial of Service (DDoS) attacks. Due to the high bandwidth, low latency (up to 120x less than 4G), mobile nature, and the potential difficulty of tracking geolocation because of privacy constraints and carriers, infected 5G devices could form the largest botnet to attack “anything” since the Mirai botnet, which occurred in 2016.
These challenges should not stop the deployment of 5G. In fact, enterprise cyber defenses for these new types of attacks and data exfiltration may begin to employ certain military tactics. These include:
- Using “jammers” to block cellular communications from within sensitive networks and buildings that may allow access to data via traditional wired or wireless networks. While these are considered illegal today, I do believe changes will be required to protect sensitive environments, especially government installations.
- For the most sensitive environments, organizations may want to consider deploying a “no electronic devices allowed” policy for anyone entering a data center or network-accessible building. This typically requires that all staff and visitors store all of their electronics in a secure locker before entering a building. This should help reduce the risk of a threat actor bringing in a rogue 5G device, but it does not eliminate the threat if they conceal the device and it is small enough (e.g., a Raspberry Pi equipped with 5G, Ethernet, and hacking software).
- Organizations may also consider a commercialized electromagnetic pulse (EMP) generator to “fry” any electronics in a staging room before a user enters the secure area. This is a technique governments have been using to protect against hostile surveillance equipment for years.
While the threat of hacking using 5G is very real, organizations may also want to adopt one simple additional policy: no bridging of 5G-enabled devices to the corporate network. That is, if your device is 5G-enabled, do not allow wired and wireless connections to be active at the same time. While this is not perfect, it does prevent a 5G device from becoming that gateway into a network. This is very similar to many existing policies that prevent laptops from having wired (Ethernet) and wireless (WiFi) communications enabled at the same time.
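One way an endpoint compliance check could test for the "no bridging" condition on a Linux host is sketched below. This is an added example, not part of the original article. It assumes the input is the text of `ip -br link`, that interface kind can be inferred from Linux naming conventions, and that "bridging" means a cellular link active at the same time as a wired or Wi-Fi link. The sample output is constructed.

```python
import re

# Kind is inferred from Linux interface names (assumption): systemd uses
# ww/wl/en prefixes, the kernel defaults are wwan/wlan/eth. USB modems that
# enumerate as usb0 or enx... are missed, and a name cannot tell 5G from 4G.
KINDS = (
    ("cellular", re.compile(r"^ww")),
    ("wifi", re.compile(r"^wl")),
    ("wired", re.compile(r"^(en|eth)")),
)

# Constructed `ip -br link` samples (not captured from a real host).
COMMON = (
    "lo      UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP>\n"
    "enp3s0  UP      52:54:00:aa:bb:01 <BROADCAST,MULTICAST,UP,LOWER_UP>\n"
    "wlp2s0  DOWN    52:54:00:aa:bb:02 <NO-CARRIER,BROADCAST,MULTICAST,UP>\n"
)
SAMPLE_BRIDGED = COMMON + "wwan0   UNKNOWN <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP>\n"
SAMPLE_CLEAN = COMMON + "wwan0   DOWN    <POINTOPOINT,MULTICAST,NOARP>\n"

def classify(name):
    """Return 'cellular', 'wifi', 'wired' or None for an interface name."""
    base = name.split("@")[0]  # VLANs appear as e.g. eth0.10@eth0
    for kind, pattern in KINDS:
        if pattern.match(base):
            return kind
    return None

def active_interfaces(ip_br_link):
    """Map kind -> names of interfaces that currently have a live link."""
    found = {}
    for line in ip_br_link.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        name, state = fields[0], fields[1]
        # The MAC column can be absent (point-to-point modems), so take the
        # flags from the last field rather than from a fixed position.
        flags = fields[-1].strip("<>").split(",") if fields[-1].startswith("<") else []
        kind = classify(name)
        # Modems often report operstate UNKNOWN; LOWER_UP still means carrier.
        if kind and (state == "UP" or "LOWER_UP" in flags):
            found.setdefault(kind, []).append(name)
    return found

def bridging_violation(ip_br_link):
    """Return the offending interfaces, or None if the policy is met."""
    up = active_interfaces(ip_br_link)
    corporate = up.get("wired", []) + up.get("wifi", [])
    if up.get("cellular") and corporate:
        return {"cellular": up["cellular"], "corporate": corporate}
    return None
```

Because the check relies on interface names, it is best paired with a hardware inventory of modems rather than used as the only control.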
5G will change our lives—the benefits it confers are many. But, with tremendous amounts of data and speed pervasively available, it will necessitate the right security and judicious policies. New hacking techniques will emerge and threat mitigation strategies will have to evolve too. In some ways, this all represents a security theme that’s been repeated over and over, leading us now to a new phase of hyper-acceleration of data theft.
Morey J. Haber, Chief Security Officer at BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.