This summer has already seen the launch of individual 5G networks across the UK, with more to come. Matthew Aldridge, Senior Solutions Architect at Webroot, believes that while there are obvious positives associated with 5G – decreased latency and increased bandwidth – there are cybersecurity issues with the technology that 5G enables, mainly IoT.
Vulnerabilities within IoT networks cannot be ignored as adoption increases with improved connectivity. IoT devices tend to lack any inherent security and increasing the number of devices in a network also increases the attack surface area.
https://twitter.com/VodafoneUK/status/1146327198883819520
Experts Comment:
Matthew Aldridge, Senior Solutions Architect at Webroot:
“As the deployment of 5G becomes widespread, industries such as healthcare and transport will be able to truly explore the benefits that improved connectivity brings. The decreased latency and increased bandwidth which 5G provides will make technology such as eHealth and autonomous vehicles a reality through connected devices and IoT. However, with each device that is added to an IoT network, the attack surface area increases exponentially. There must be a clear understanding of how and what a device collects, stores and communicates. Businesses need to be clear on the associated risks and the possible consequences of the network being compromised through a malicious attack on one or more of these devices.
Routinely making secure checks for the latest firmware updates on all devices is essential. Ultimately, businesses must ensure IoT devices are configured to be as secure as possible – moving away from the “set-up and forget” mentality. Manufacturers of these devices also have a responsibility to businesses and consumers to build security in during the development phase. It is critical for appropriate security controls to be in place with regards to the processing, storing and transmission of end user data, whether locally or in a private or public cloud service using best practice end-to-end encryption and secure authentication. Updates should be simple to apply, or better, automated and devices should security hardened out of the box – the mandatory changing or eradication of default passwords for example.
These devices and the network as a whole need to be continuously monitored, utilising the latest threat intelligence solutions. An informed and tactical security approach will pay dividends towards keeping the whole organisation’s environment safe during this phase of technological advancement.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.