Article Preparing for 2019 Security Regulation Challenges for 5G
By Insight Editor / 9 Jan 2019
By Insight Editor / 9 Jan 2019
The advent of 5G connectivity opens up a new realm of possibilities, with lightning-fast communication and reliable connectivity necessary for the next generation of smart technology with real world applications ranging from smart meters, autonomous vehicles to industrial control systems.
With the promise of ripping-fast internet connectivity and endless potential applications of 5G comes a new era of intensified cyber warfare and advanced attacks at a level we’re yet to comprehend. This could be akin to going from fire crackers to sticks of dynamite. Additionally, it is expected that 5G will facilitate a rapid expansion and evolution of IoT devices that will magnify current problems related to the use of these technologies. Of most concern is the risk from increased Distributed Denial of Service (DDoS) attacks which is fully expected to rise with the advent of 5G. Increased 5G speeds will allow even more unsecured IoT devices to come online which create a larger pool of vulnerable attack drones waiting to be harnessed for such malicious activities.
To date, the 2016 Dyn Cyberattack remains the most notorious DDoS incident in history. That attack was facilitated by the compromise of thousands of vulnerable internet connected devices such as baby monitors, security cameras, smart refrigerators which resulted a massive army of zombie devices later identified as the Mirai botnet. This botnet was used to attack a very large DNS provider DYN which impacted connectivity to several prominent sites such as Twitter, PayPal, Spotify, AWS from over 21 million users in North America. That was before 5G connectivity.
The blazing speeds offered by 5G means fewer systems are needed to overwhelm any organization as the attackers could direct traffic at an exponential rate to their targets. Increased IoT devices in the market will make this problem exponentially worse as we could potentially see more compromised IoT devices in the wild. The Department of Homeland Security (DHS) also sounded an ominous warning in its 2016 report after the DYN attack. It stated, “It is not clear if current network infrastructure could withstand future attack if they continue to increase in scale. Further, DDoS attacks have made use of the rapid growth in Internet of Things devices that often with limited security.”
With the rise of botnets and DDoS attacks globally, it is important for every business with an online presence to have a DDoS protection in place to mitigate service outages risks. The DDoS attacks create massive business risks for any enterprise small or large. DDoS attacks unfortunately, are very complicated and depending on the tools and resources available to the attackers, the attack could be instigated using a single computer targeting a single resource, or it could be millions of computers sending millions of packets to one or multiple targets. In all instances however, the attackers must first recruit thousands of vulnerable zombie computers as sources of the attack. To effectively prepare for these attacks, organizations must have a mitigation strategy to prevent their systems from being hijacked into these massive botnet farms as well as response plan in the event that they become victims of a DDoS attack. IoT device manufacturers must also improve the security of these devices instead of the current “functionally and cost over security” mentality.
For businesses however, the most effective DDoS mitigation strategy is to engage the services of a DDoS Mitigation Provider. DDoS Mitigation services minimize the impact of distributed denial of service attacks by providing protection far above the organization’s infrastructure, at the core-infrastructure level and re-routing potential DDoS attack traffic away from the intended target. By addressing attacks quickly in this manner, businesses can reduce downtime and the added cost of bandwidth-spikes commonly associated with DDoS attacks while allowing legitimate connections to be processed as usual. The solutions also employ behavioral anomaly techniques, to help improve attack-traffic filtering and prevent future DDoS exploits. Most cloud hosting vendors also offer DDoS mitigation services so moving critical workloads to the cloud is a viable protection strategy as well.
Threats aside, 5G is coming and with new technology comes the danger of the unknown. 5G will come with lots of benefits and lessons will need to be learned as it's rolled out. As with any new technology, cyber criminals will there ready to exploit weaknesses, so organizations must evaluate the risk of 5G connectivity and how it may directly or indirectly impact their organizations as part of their overall risk management program.