Great Digital Power, Great Responsibility: 5G and the Cybersecurity Challenges | Expertspeak

As Prime Minister Narendra Modi launched 5G in October 2022, several telecom experts and industry insiders highlighted how this next-generation technology would help India achieve its goals in different fields.

However, according to experts, 5G may also bring along cybersecurity challenges.

Due to lack of support in iOS, iPhone users were unable to connect to 5G networks in India.

With pressure from the Indian government, Apple acknowledged in November that it would implement 5G support with a software update. Consequently, the company has now enabled 5G for iPhones in India with iOS 16.2 RC.

CHALLENGES AHEAD

Sunil Sharma, managing director of sales, India and SAARC, Sophos, said: “The launch of 5G in India will be a game-changer for technology adoption in India. 5G technology will improve on its predecessors with faster speeds, higher bandwidth and lower latency, which will likely make it more common than 4G ever was. While the faster speeds definitely have their advantages for users, they’ll also cause disadvantages, as hackers will be able to exploit the speed.”

Another expert, Sujit Patel, MD and CEO of SCS Tech, told News18 about three specific challenges related to 5G. “As 5G networks allow for billions of connected devices, traditionally insecure IoT devices which become a part of this network may be especially vulnerable. Increased risks due to supply chain attacks against 5G infrastructure could lead to malicious software and hardware being provided by untrusted vendors. Also, the increased volume of data flowing over 5G networks will create a strain on security monitoring.”

Subhash Dutta (Retd.), COO and head of malware research at Sequretek, said that 5G is already being tested for a select few customers in different parts of the country and it looks to keep up to its promises of enabling faster speeds, lower latency, as well as the higher capacity to support the increasing demand for data. “The 5G network will also have a larger attack surface due to the increased number of devices and connections that it supports. This means that potential entry points for hackers to exploit will only increase. It relies on a complex infrastructure that includes multiple layers of network components, such as base stations, routers and switches. Hackers could potentially exploit any vulnerabilities in this infrastructure.”

Dutta also said that a complicated supply chain, including hardware, software, and service providers, supports the 5G network, so there may be security flaws in the entire network if this supply chain is compromised in any way. “Also, the 5G network is still in its early stages, and there are currently no established security standards for it, which means that different countries and companies may have different approaches to securing their networks, which could lead to inconsistencies and potential vulnerabilities.”

Lastly, Dutta said: “The 5G network’s faster speeds and lower latency make it more susceptible to distributed denial of service (DDoS) attacks, which can overwhelm a network by flooding it with traffic. ”

PREVENTIVE MEASURES

Dutta said that laws and policies should be neutral and not focused on a specific technology. “Training of law enforcement agencies (including legal professionals) to keep pace with the changes in technology should be the prime focus. India has had the unique distinction of bringing a large segment of its population onto digital platforms, including those providing financial inclusion. Therefore, greater sensitization of the public on the safe usage of 5G-supported devices is essential.”

Meanwhile, Patel highlighted that National Cyber Security Strategy includes large scale digitisation of public services. “Developing institutional capability for assessment, evaluation, certification and rating of the core devices, as well as timely reporting of vulnerabilities and incidents, maintaining a repository of vulnerabilities and preparing an aggregate level security baseline of the sector and tracking its controls could help.”

In terms of companies, the expert advice is to make use of threat intelligence. By providing visibility into the latest threats, a modern threat intelligence platform can help organizations of all sizes understand recent attackers, malware and vulnerability trends.

“By 2025, IoT connections are expected to reach 25 billion globally, so communication networks need to prepare for the equally exponential growth of associated security risks. Device manufacturers have to look for more sophisticated options to ensure that hacktivist groups or state-backed actors can’t take control of IoT devices,” he added.

Patel said: “Updated cyber security and privacy awareness training safeguards employees against social engineering tactics by threat actors. Preventive measures such as using MFA and virtual private networks (VPN) protect sensitive data and information of users.”

Read all the Latest Tech News here