
Mark Hawksworth examines 5G networks and their increased exposure to cyber attacks
Cyber and ransomware attacks are on the increase with experts estimating that the yearly cost could increase to as much as $6tr (£4.3tr) by the end of 2021. The introduction of 5G across the UK is seen as vital for our economic growth but it also provides criminals with another opportunity to exploit.
Kinetic cyberattacks refer to a class of attack that can cause direct or indirect physical damage, injury, or death solely through the exploitation of vulnerable information systems and processes. 5G networks have a larger attack surface which will have greater consequences for business than just data breaches alone and will leave UK business exposed to Kinetic cyberattacks.
We have seen recent reports of cyber kinetic attacks on infrastructure and institutions including transit, power plants, water facilities, oil pipelines and hospitals. The attacks demonstrated the collateral damage that can occur when a group seeking to monetarise an attack (in this case using ransomware) actually resulted in the operator going off-line due to the nature of the network damage sustained.
The evolution of cyberattacks has now resulted in monetarisation moving to a data exfiltration model. There is an increased potential for threat actors to unlawfully access 5G devices and stored data
New threats
Kinetic Cyber is not new, it is just far more likely on 5G networks, which has the potential to introduce new threats and make existing threats worse.
5G networks will underpin equipment controlling physical functions such as traffic flow control, power, emergency services and building management systems; they
have been designed to move away from traditional centralised, proprietary hardware-based switching to software based digital routing. This most recent communication generation seeks to use an entirely new transport vehicle by moving to more mainstream commercial off-the-shelf (COTS) servers running open-source software stacks, with the advantage that these new systems will be more economic to buy and operate.
These changes in architecture and hardware (over previous generations) remove natural constrictions, where hardware-based security had been traditionally implemented. 5G replaces historic hardware controls with software-based network functions, which provide external actors with a larger digital surface to attack.
Even if a new technology could be introduced that made it possible to adequately handle vulnerabilities within the network, 5G networks are also managed by software, which is also vulnerable to attack. The networks are connected by application programming interfaces (APIs) and 5G will use APIs to enable communications between service functions. Insecure APIs can expose core services to attack and place the entire 5G network at risk. Rather like attackers who currently seek out network administrative accounts, threat actors who gain control of APIs could gain control of the network.
Cyber risk on 5G is further compounded by the need for end users to take greater responsibility for their own security at a time when the external attackers have the upper hand. With increasing communication speeds coupled with weaker security end users will have a greater exposure in the short to medium term. The evolution of cyberattacks has now resulted in monetarisation moving to a data exfiltration model. There is an increased potential for threat actors to unlawfully access 5G devices and stored data. Automatic scanning of any compromised devices will allow the attackers to quickly identify any data of value which can be removed from that device for monetarisation at some point in the future.
Looking at larger systems, organisations hold an increasing amount of personal data on their networks. This poses a risk to people’s rights if data held on these network devices have data exfiltrated from that device which then allows for it to be monetarised by either extortion or threat of publication. 5G will bring end users much closer to real time / video-based services, however, these advantages come with increased risk, risk that is essential we understand and manage.
Mark Hawksworth is global technology specialist practice group leader at Sedgwick International UK