As we head into 2020, one of the biggest oncoming trends is the expected pervasiveness of Fifth Generation (or 5G) networks. But as we eagerly anticipate a world laced with these new high-speed networks, we must also keep in mind that this connectivity brings with it a string of cybersecurity concerns.
What does 5G mean for cybersecurity?
The rollout of 5G networks worldwide will revolutionize many industries, including utilities, critical infrastructure, smart cities, telecom, medical, automotive, and more. However, by enabling a larger ecosystem of IoT and connected devices than we have ever seen before, we can also expect new cybersecurity vulnerabilities.
With more connected devices communicating with one another across 5G networks, the available attack surface for hackers will be broader than ever before, leaving fertile ground for them to step in, compromise devices, and infiltrate everything from smart cities to connected vehicles to medical devices and more.
A growing threat across industries
One example of an industry that will be largely impacted by threatened IoT networks is our utilities. Due to the critical role of power and infrastructure in society and these industries’ growing reliance on connected systems, they are ripe targets for a variety of attack vectors—and with 5G enabling more connected devices, their vulnerability for attacks will only increase.
Insider, outsider, and supply chain attacks all present high risks for the utilities industry—and they are highly motivated groups. From state-level attacks to financial and theft motivations, attackers are keen to infiltrate critical infrastructures to gain access to their many connected devices. For example, by gaining access to a wastewater plant, attackers could manipulate settings to contaminate public water, or they could hack a power plant and shut down power for entire cities.
Already, we are seeing too many examples of these kinds of malicious attacks on the utilities industry. For example, in a recent survey from Siemens and the Ponemon Institute of utility professionals responsible for securing electric and water utilities throughout North America, Europe, the Middle East, the Asia-Pacific region, and Latin America, 56% of respondents reported “at least one shutdown or operational data loss per year,” and 25% reported being impacted by mega attacks; furthermore, 54% expect to suffer an attack on critical infrastructure in the next year.
Preparing robust cybersecurity for 2020
As we enter 2020 and a new decade with more 5G networks and more connected devices, robust cybersecurity should be top-of-mind in every industry. Unfortunately, too many industries are letting cybersecurity take a backseat in their list of priorities. A report from AT&T reveals that, although “72.5% of security professional worldwide rate their level of concern for the 5G’s impact on security as high or medium-high, only 22% said they believed their current policies are ready for 5G.”
This raises serious concerns about 2020—and the ensuing decade—as too many companies don’t appear to fully comprehend the gravity of the disasters that can succeed cybersecurity attacks. As such, next generation IoT devices and cyber security solutions will need to take a different approach: one that will move the control from the vulnerable device to a more powerful and trusted entity; one that will protect the device even before first activation, all through manufacturing and supply chain; one that is reliably informed and tightly managed.
NanoLock’s flash-to-cloud cybersecurity solution moves the root of trust to the flash memory of edge devices and creates a secure channel between the gated flash memory in the end device and a trusted management entity residing either in the customer’s cloud or premise. In stark contrast to other solutions, who rely on connected devices’ operating systems (OS) or processors to deliver security, the flash-to-cloud approach devices can reliably remain secure even if their software or processor is compromised.
Furthermore, flash-to-cloud embedded protection guarantees a lifetime defense that starts on the factory floor during device manufacturing and through the supply chain, during device onboarding, operations, over the air updates through end-of-life. This protection blocks malicious and even accidental code modifications, regardless of network or physical access to the device and regardless if the attacker is an outsider or insider.
Many industries are beginning to see the flash-to-cloud approach as an ideal solution to the many cybersecurity challenges presented by 5G connectivity. In addition to the powerful protection it offers, another advantage is its OPEX cost structure: By eliminating upfront security investments, the flash-to-cloud approach can deliver companies with the robust cybersecurity management and monitoring needed to withstand the threats within a cost structure that is economically manageable. This can stop epidemic attacks that can spread fast and have devastating impact.
5G networks will soon be all around us, touching nearly every industry from the cars we drive in, to the routers that keep us connected in our home and office, to the cities we live in, and to all of our energy and water utilities. Without a guaranteed, reliable, and robust cybersecurity solution, we are at risk to fall victim to an entire new host of security threats.