The deployment of 5G mainly concerns phones and laptops. But soon, with the explosion in the number of IoT devices designed to take advantage of this technology, a real boom in 5G radio antennas in the workplace is to be expected. These 5G antennas should be gradually integrated into all devices, including vending machines in break rooms, from computers to photocopiers. As more employees are required to work remotely, companies may well find themselves exposed to security issues related to employees’ IoT devices. Companies need to ensure the security of their distributed environments.
With the development of 5G, new security challenges will emerge for companies, representing as many opportunities for hackers. Several questions then arise: what are the existing threats, and would they increase with the rise of 5G?
5G and Visibility Issues
Lack of visibility continues to be a problem with 5G, as was already the case with 3G and 4G. But given the speed of 5G, the exponential volume of data that can be transported, and the fact that 5G connectivity exceeds current broadband, this concern for visibility is much more important. At best, within a 5G environment, it is possible to see if a device is using a 5G antenna. But it is not possible to have visibility on the nature of the transmissions, which makes it difficult to detect suspicious activities. It is possible to observe 5G radioactivity with a spectrometer but not to distinguish normal 5G activities from malicious 5G activities since there is no access to what is transmitted by this communication channel.
Security risks are particularly high for devices not managed by the company since hackers can exfiltrate data from these devices undetected. But the risks also exist in the case of devices managed by the company. If hackers can hardly go unnoticed for the duration of the attack, 5G could allow them to exfiltrate data via parallel channels. Either way, it’s nearly impossible to properly manage risk without being aware of what’s out there and what’s happening within a given environment, which is why the issue of visibility is so problematic with 5G.
When it comes to threats, companies can require IoT devices in the environment to be connected to corporate Wi-Fi to gain visibility into communication flows and to be able to detect any anomalies. By installing an agent on managed devices, a business will identify an unmanaged device communicating over the network. It does not mean that anyone cannot decipher what is being said, making it difficult to detect attacks in real-time.
5G, Source Of Opportunities For Hackers
Most devices used within companies do not have 4G chips, as 4G is not faster than Wi-Fi. 5G, on the other hand, is a marked improvement over the earlier technologies since it offers higher speed, better bandwidth, and lower latency. Its use will likely be much more widespread than that of 4G. While these features are advantageous, they also represent a danger, as hackers can exploit the ubiquity of this technology for their ends.
The ubiquitous nature of bandwidth, and its efficiency, is a great opportunity for amateur hackers, who do not have to change their strategy to reap the rewards of their actions. Thus a hacker could take advantage of the lack of visibility to gain unnoticed access to a photocopier equipped with a 5G chip, thus having access to all the sensitive information on the device. Thanks to the bandwidth and speed of 5G, this hacker will be able to exfiltrate data quickly, without triggering the slightest warning signal in the company.
If a professional hacker attacks a company’s network, the hacker will look for additional ways to increase their financial gain. To exploit 5G, hackers do not need new skills. They can use the same attack methods to penetrate the network. 5G, on the other hand, offers them the possibility of causing greater damage since it allows them to exfiltrate enormous volumes of data at hitherto unprecedented speeds.
Protect Yourself From The Risks Associated With 5G
It does not mean that companies should avoid 5G-equipped devices at all costs to avoid possible security risks. Rather, it’s about accepting that these devices will soon be part of the corporate environment and taking the necessary steps to secure the infrastructure.