The advantages of 5G over previous-generation networks (4G, 3G, 2G) are greater speed, lower latency, being able to connect virtually unlimited devices and the ability to implement secure virtual networks (network slicing).
Unfortunately, cybercriminals benefit from these technological advances too. Despite security improvements that address issues in previous-generation networks, 5G has given attackers the capability to build increasingly sophisticated criminal networks, allowing them to access and download a victim’s data faster than ever before, and providing them with access to a smorgasbord of connected devices. Being a software solution, with 5G there are no hardware choke points to slow cybercriminals down and organizations are having to deploy new (and sometimes expensive) AI monitoring solutions.
While 5G attack targets are similar to what they were for previous-generation networks (healthcare being a perennial favorite), 5G has some additional disadvantages: a larger attack surface, decreased network visibility, more IoT-related security risks and potential hardware and software product vulnerabilities as manufacturers rush their sometimes-untested solutions to market. The result is that some 5G attack targets are more vulnerable to potential 5G security loopholes than others are.
Types of 5G attack targets
Virtually no sector of the economy is immune to a potential cyber-attack over a 5G network. Prime potential targets include healthcare, the IoT ecosystem, smart city and smart factory applications, manufacturing industries, utility companies, cloud service providers, mining, distribution centers, shipping, aviation, government, the military, construction, building services, campus networks, sports stadiums, private enterprises and the financial sector.
5G attack targets may be broken down into three high-level categories, referred to as use cases. These include enhanced mobile Broadband (eMBB), ultra-reliable and low-latency communications (URLLC) and massive machine-type communications (mMTC). These categories are interwoven but each provides standards for applications with different requirements, for instance speed rather than reliability being the focus.
eMBB involves data-intensive use cases, like telemedicine and virtual reality, that require high bandwidth. mMTC is concerned with the generation, exchange and analysis of large amounts of data between devices and numerous types of applications, from smart agriculture to transport applications. URLLC addresses industry requirements for high reliability and low latency applications in response-critical systems, like telerobotic surgery and the manufacture of self-driving vehicles.
The following are potential 5G security loopholes that make attack targets particularly attractive.
The IoT provides multiple ways for attackers to access and manipulate connected devices on 5G networks. For example, encryption vulnerabilities in 5G’s standardized authentication and key agreement (AKA) protocol provide a backdoor for attackers, enabling mobile network mapping (MNmap). MNmap is a technique used by attackers to identify devices on a network.
MNmap allows cyber criminals to “case the joint,” for example, by pinpointing the location of security devices on a network and circumventing them.
Devices in 5G-enabled internet of medical things (IoMT) systems if identified and breached could threaten the privacy and safety of patients using telehealth services.
In the shipping industry, the risks of device identification include real-time location tracking and the threat of attackers spoofing Mayday alerts, causing potential shipping lane chaos.
Large-scale enterprises use private 5G networks to improve connectivity, the speed of data transmission, reliability and uptime. 5G bidding down attacks that hijack devices and force them to “bid down” to a previous-generation network could degrade network quality for software as a service (SaaS) providers and threaten time-sensitive routing operations in the transportation, shipping and aviation industries.
Spectrum sharing provides opportunities for attackers to manipulate non-critical connections, which may have a knock-on effect for critical connections in logistics and scheduling operations, and for emergency response services.
A GMSA/Trend Micro survey — Securing private networks in the 5G era — found that while 51% of mobile service providers surveyed claimed to be prioritizing vendor partnerships to improve security, only 18% said they secured their own endpoints, providing intrusion points for attackers to large customer databases.
Poor system configuration
5G security is a risk at any organization with poor BYOD policies and for field workers. A growing attack surface is the army of remote workers created by COVID-19. For example, many devices have default usernames and passwords that are never changed. 5G attackers can exploit this type of vulnerability using simple online tools like the Shodan search engine.
Counterfeit, untrusted and legacy network components
Wearables and low-end devices used in connected homes may have weak built-in security. 5G security risks at home are exacerbated by the uninformed purchase of devices from untrusted vendors.
Particularly of concern to the military is the possible deliberate introduction of vulnerabilities in foreign-made equipment, enabling the surveillance and manipulation of military systems and personnel.
It being unrealistic to replace all components in large distributed systems, inherited legacy components in modern applications may compromise 5G networks. The most well-known example of a distributed system is the internet. Other examples of distributed systems are air traffic control systems, telephone networks and electronic banking systems.
Complex network architecture
In a 5G network, devices are connected to application servers through a radio access network (RAN) and a core network that provides various network functions, like authentication, billing, communication, reporting and access control. These networks are then connected to various vertical networks, like a manufacturing application or finance system that may use previous field devices and run previous-generation networks in the backend. These legacy sub-systems create potential back doors for attackers.
While 5G offers significantly more benefits than previous-generation networks, it has ushered in additional security concerns in cyberspace. However, the only significant 5G-related security incidents since its inception that can’t be attributed to other factors have been the many initiated by anti-5G conspiracy theorists.
5G is still in its infancy and reliant on previous-generation technologies so cyber breaches even when they take place over 5G networks are not attributable to “pure” 5G as envisaged by network architects. GMSA estimates that 5G will cover one-third of the world’s population by 2025. By that time, it is conceivable that 6G will be networking’s holy grail.
About the author
Penny has been writing for clients around the world in different areas of technology, from articles on cybersecurity to user guides for startups, for 15+ years. She's driven by the old adage, “if it isn't written down, it doesn't exist,” which probably explains the hundreds of lists scattered around her home. Penny has a legacy IT development and journalism background, and her weakness is bestseller novels.