With the anticipation regarding the burgeoning 5G, it’s easy to forget that it’s not just something new and exciting. Sure, it’s super fast and utilizes low latency, but there are other things to consider beyond that, such as the increased chance of security attacks.
Existing Problems with IoT Security
You may be one of the lucky few who is already experiencing 5G. It isn’t widely available just yet, but it will be. All carriers have either begun rolling out the service in selected areas or soon will. New devices are beginning to offer the capability as well.
But we still haven’t fixed the existing security problems with the Internet of things, and 5G isn’t going to erase those. The use of the IoT is certainly on the rise. It’s estimated that connected IoT devices and applications will exceed 67 billion by 2025.
But there is an existing problem of IoT devices shipping with default passwords. Consumers rarely change those and just use the devices as they are at face value. Additionally, the ports are often open.
As Derek Handova, the senior technical writer at Synopsys Software Integrity Group pointed out, “for hackers, it’s like shooting fish in a barrel.” It’s a known problem with IoT, and hackers aren’t going to pass by such an easy mark. And like any other software, securing IoT is prone to design flaws and coding mistakes.
Vulnerability of 5G and IoT
So there are already problems with security and IoT. 5G isn’t going to erase those. Handova points out, “With new 5G wireless technology replacing older 4G LTE technology, uncertainties and risks can abound within the 5G protocols themselves.”
And because 5G is a new technology that is still evolving, better security will be needed for it, especially when combined with IoT devices that have those existing problems.
With the question of whether 5G and IoT cybersecurity compliance standards would help, such as those used in financial transactions with credit or debit cards, Handova explains that “the evolving status of 5G standards and fast-changing nature of IoT devices make these kinds of compliance rules and regulations ‘very cumbersome and overweight,’ according to Protocol.” It’s not a system designed for regularly-changing environments.
Helping this situation, the National Institution of Standards and Technology designed draft recommendations for IoT cybersecurity. It requires IoT manufacturers to design cybersecurity into systems. However, these are not enforceable rules and are only recommendations.
Handova believes today’s rare cybersecurity standards aren’t broad or flexible and don’t anticipate enough for 5G and IoT, and that leaves developers to have to find vulnerabilities on their own.
He suggests that “fuzz testing, or fuzzing, organizations can subject their IoT devices to intentionally malformed data,” attempting to intentionally input tainted data to get an IoT device to malfunction. He sees this as “one of the best ways to test security protocols” and believes 5G and IoT device developers will find it invaluable as 5G continues to roll out.
But again, nothing will change too much with 5G and IoT until those existing IoT security problems are addressed. Security attacks will only continue.
To learn more, read up on how secure 5G is.