Cybersecurity in a 5G World
The next generation of wireless communications, known as 5G, is increasingly being rolled out in the United States, the UK and in other regions across the globe. This revolution in wireless telecommunications will have numerous ramifications. A recent Wall Street Journal article, “The Good News About 5G Security,” reports on the pros and cons of 5G security in terms of protecting personal data. One of the benefits cited was that 5G enables network slicing, “a network architecture that enables multiple, isolated virtual networks on the same physical infrastructure. This type of design reduces ease of access to the network as a whole and allows organizations to apply specific security tools and policies to different slices. Slicing can also be a boon for privacy, because information related to each segment isn’t shared among the other slices.”
The notion is that cyberattacks will be easier to contain, because they affect only the slice being targeted. In terms of distributed denial of service (DDoS) attacks, it is true that network slicing may reduce the blast radius, if the maximum volume of traffic in each slice can be constrained. However, everything in the attacked slice will be impacted, so there’s still plenty of scope for DDoS attacks to negatively impact business and other services. For example, if a cybercriminal targeted consumer 5G devices with botnet malware, to create a new DDoS-for-hire service, any attacks subsequently launched from those devices could be shielded from any critical IoT services, which weren’t the target, but share the same physical network.
Overall, the article is positive about 5G and its security. However, it includes several cautionary comments:
“Although 5G brings several cybersecurity benefits to organizations, there are many new risks as well. To start with, the expected explosion of internet-connected devices will bring with it a vastly expanded field of potential targets for hackers. Regulators and industry groups need to develop stronger rules, expectations and mandated cooperation to face such challenges, says Tom Wheeler, former chairman of the Federal Communications Commission under President Barack Obama.”
It is reasonable to assume that 5G networks have security flaws that are yet to be discovered. But even whilst that remains just an assumption, cybersecurity experts acknowledge that 5G networks will increase attack surfaces because they will be connecting more powerful, 5G-enabled, devices with the capacity for much higher volumes of traffic. This leads to more opportunities for malware, security breaches and DDoS attacks. The vast majority of DDoS attacks are actually relatively short, and small in size, rarely saturating the links over which they pass. However, 5G will make it even easier for hackers to launch ever larger volumetric attacks, and we may witness the first 10 terabits per second attacks sometime in the not too distant future. In the meantime, the increased bandwidth of 5G networks means that future botnets will not need to harness as many mobile or IoT devices, to have the same crippling effects on their targets.
Internet Service Providers now face a particular challenge to secure their increasingly complex and exponentially faster networks. In an era where DDoS attacks that have grown in frequency and sophistication, it is critical that they now prevent DDoS traffic from disrupting their own network-based service offerings, as well as those of their customers.
Any organization that relies on the Internet for its business must be prepared for the increased cyber risks that 5G brings. Government regulations appear to be behind the proverbial curve when it comes to addressing the cyber risks, but at least there are technology solutions that organizations can implement today to automatically and effectively mitigate DDoS attacks, whether in a 4G or 5G network.
For over a decade, Corero has been providing state-of-the-art, highly-effective, automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. If you’d like to learn more, please contact us.
Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.