The brave new world of 5G promises to bring unprecedented speed and scale to IoT operations and comes with a new generation of security threats. 5G IoT services will no longer neatly fit into the traditional security models optimized for 4G LTE cellular, and the combination of higher bandwidth, more softwarized network functionalities and more connected devices could pose additional risks.
Security experts warn of threats to the 5G IoT environment, such as advanced persistent threats and web application layer vulnerabilities. The vast distribution of decentralized, small-cell networks 5G IoT requires will make it a challenge to keep each system updated and capable of meeting rapidly evolving cyberattacks.
With many more IoT devices connected in the near future — at least one million per square kilometer by some estimates — the attack surface will significantly expand.
Botnets, network-level attacks and other malicious activities present a complicated security picture with sophisticated, mutable attacks. Top concerns include attacks on radio interfaces, signaling plane, user plane (UPF), masquerading, replay, bidding down and man-in-the-middle.
Researchers warn that the proliferation of data traffic and mobile IoT connectivity comes with a significant amount of risk that should be addressed by the telecom industry before 5G is deployed on a large scale.
Challenges for IoT Security on 5G Networks
To ensure optimal security for IoT deployments, designers must anticipate and prepare for threats, building effective security features into the design of 5G networks rather than attempting to address issues as they arise. A few of the most critical security challenges for IoT on 5G include:
- An Evolving Trust Model
Trust models establish guidelines for how devices evaluate other devices and systems’ security and whether it’s safe to connect. Between 4G and 5G networks, the trust model has evolved considerably. In a standalone 5G system, trust decreases with distance from the network core. Trust is anchored in the universal integrated circuit card (UICC) and the universal subscriber identity module (USIM). IoT developers and network operators must work together to develop hardware and software that can operate securely using the new trust model.
- Authentication Systems
To identify various devices on a 5G network, providers use authentication systems, which have also undergone significant evolution between 4G and 5G. Many authentication models are supported, all of which are radio access network (RAN) independent, meaning they can run, for example, over Wi-Fi. Given the number of devices gathering data in massive IoT networks, like connected city infrastructure and hospital systems or smart offices and homes, strong device authentication is essential for 5G security. Investment in secure biometric authentication systems can prevent identity theft and unauthorized access to devices.
- Data Privacy
While 4G and older technologies struggled to guarantee privacy, 5G tackles this problem specifically. Because it’s primarily software and cloud-based, it’s easier to monitor than previous systems, and more data is encrypted. The infrastructure changes will require carriers, integrators and privacy experts to adjust to a new normal, but the changes provide a solid foundation for data privacy in the future.
Emerging 5G Cybersecurity Solutions
Many of the recommendations for managing 5G security threats are the same as those for managing threats to current networks.
These include using firewalls, conducting routine malware scans, monitoring DNS activity and making threat intelligence a top concern at all times — not to mention training employees on new technology to prevent attacks dependent on human error.
While established practices will still hold value, the new use cases of 5G in IoT applications will create new threats that require smarter solutions. Linked devices, machines, wearables, drones, city infrastructure and autonomous vehicles will store and transmit sensitive personal data on a scale that will be difficult to secure.
As the European Union Agency for Network and Information Security (ENISA) warns, 5G may be vulnerable in part because current signaling protocols (SS7) developed for 2G, 3G and 4G networks may be critically insecure. Updating and securing these protocols will go a long way toward increasing the cybersecurity of 5G networks.
Another threat to 5G networks is the large amount of data stored in the cloud rather than on more secure local servers. The data gathered by IoT devices contribute to a vastly expanded attack surface.
Ultimately, security experts are hopeful that the complex security landscape of 5G can be met with the increasing complexity of AI, machine learning and automation.
By harvesting massive amounts of data from tens of billions of connected devices, AI and machine learning systems can evolve alongside the threat matrix, learning to detect and neutralize threats before compromising critical systems and putting lives and sensitive data at risk.
Despite these challenges, the coming shift to 5G networks promises to offer companies a powerful new tool capable of powering faster, broader IoT deployments.
Editor’s Note: This blog was originally published on 15 May 2019 and has since been updated.