For years we’ve anticipated 5G’s arrival, and as we approach 2020, you’ll be hearing about it more and more. Welcome to a world where data is transferred up to 100 times faster than current speeds.
Countries like South Korea and Singapore are already beginning their 5G transformations. Meanwhile, in the United States, major carriers are testing new 5G networks in select cities. If 5G hasn’t been on your MSP radar, it should be. 5G will transform the connected landscape, unlike anything since the advent of widespread broadband technology.
As with any new technology, the implications and innovations that will arise are not going to become apparent until after it’s been out a while, but some experts are already expressing some alarm about 5G’s cybersecurity aspects. Here are some areas MSPs need to be considering as 5G morphs from a futuristic possibility to present-day reality.
More attack surfaces to defend
MSP owners that have been in the business for decades: do you remember the days when you just had to secure a server or a clunky mainframe? Once 5G becomes the norm, you should expect the current IoT wave to become a tsunami; everything will become a connected device, from public safety devices to educational tools to medical wearables .
As manufacturers rush to get new items to market, they will inevitably skimp on security, and government regulations will struggle to keep up. MSPs will go from guarding a manageable number of attack vectors to attack vectors virtually everywhere. It’s difficult to say how it all unfolds, but one thing is certain: there will be far more entry points to networks than there are now.
That’s why MSPs need to start thinking about their plans. There will be opportunities to price in more security services, but MSPs will have to educate clients about the vulnerabilities a seemingly innocuous IoT coffeemaker can pose.
More vulnerability to state-sponsored attacks
The 5G network is essentially being built from scratch to replace the existing 4G LTE ecosystem, which means new switchers, routers, cell phone towers, cables, fiber optic networks, and on and on. The influx of new equipment is a boon to the IT business, but the plethora of suppliers and vendors in the mix create an environment that is ripe for state-sponsored attacks, the European Union warned in a recent report on the state of 5G.
Among the various potential actors, non-EU states or state-backed actors are dangerous and more likely to target 5G networks, the report says.
While there isn’t much an MSP can do defend against a well-funded state actor, the report is a clear warning that plans to protect clients should begin now. Off-site, off-network data storage needs to be considered as standard procedure as we enter a 5G world.
If your client’s data or network is rendered unusable due to an attack, you need to have full redundancy elsewhere so that their business can run seamlessly. This will entail extra cost to the client, but the costs of not having adequate backup will be far greater.
Here come the botnets
Not only will the explosion of IoT create a bunch of new attack surfaces to defend, but 5G will also be a Botnet Petri dish. With all these new IoT gadgets rushed to market with likely lax security, hackers will inevitably find the weak spots to commandeer devices to use in launching DDoS attacks. Although with 5G’s increased bandwidth, a DDoS attack may not have to involve as many devices as currently needed.
Nokia published a report warning of an increase in DDoS attack probabilities with expanded 5G:
“Cybercriminals are switching gears from the traditional computer and smartphone ecosystems and now targeting the growing number of vulnerable IoT devices that are being deployed,” the Nokia report stated. According to that same report, IoT bots made up 16 percent of infected devices in CSP networks in 2018, up significantly from the 3.5 percent observed in 2017.
The unknowns
The reality is that until 5G is thoroughly entrenched, we don’t know what sort of cybersecurity vulnerabilities will appear. Bad actors are always probing for — and usually find — weak spots to exploit. For instance, SD-WANs will play a more significant role in the 5G world.
As Jon Zayicek, IT risk and security principal at Cask, a business and technology consulting firm, explained to TechRadar recently, “The biggest threat isn’t necessarily the 5G standard itself, but possible vulnerabilities in the SDN layers for new use cases.”
What MSPs should be doing in the twilight of 4G, is run a full risk assessment and have a 5G transition plan in place. We know that 5G will bring risks, but we don’t know exactly what those risks are yet. Those risks are major opportunities for MSPs to expand upon their role as gatekeepers and guardians, just at far faster speeds.
Photo: Monster Ztudio / Shutterstock.