(GIST OF YOJANA) 5G Cyber Security Challenges

(May-2023)

5G Cyber Security Challenges

Introduction:

5G is the 5th generation mobile network. It is a new global wireless standard after 1G, 2G, 3G, and 4G networks.
It enables a new kind of network that is designed to connect virtually everyone and everything together including machines, objects, and devices.
Internet speeds in the high-band spectrum of 5G has been tested to be as high as 20 Gbps (gigabits per second), while, in most cases, the maximum internet data speed in 4G has been recorded at 1 Gbps.

Geopolitics of 5G:

Given its potential to influence our digital future and bring economic transformation, the major world telecom leaders have taken the lead in developing 5G technology.
However, the real thrust has come from the Chinese telecom companies, which have been aggressively penetrating new markets by commercialising the technology and offering it at cheaper rates than their competitors.
This has sparked concerns that China may be strategically pushing these companies to capture global markets and, therefore, may establish a vast eavesdropping network.
There are apprehensions that China might weaponise 5G technology by coercing the Chinese telecom companies to share their consumer data with the government or even force them to shut down 5G networks in times of geopolitical crisis.
Various instances and allegations of Chinese telecom companies engaging in cyber espionage in many countries have only reinforced these concerns.
Consequently, in the last few years, the United States has spearheaded a campaign to counter the Chinese telecom companies’ dominance in the 5G market.
The US government has designated Huawei and ZTE as national security threats, banned American companies from using government subsidies to buy their equipment, and barred sales of semiconductor chips without a specific licence.
These developments have shaped not only the trade dynamics between China and the United States but also the broader tech competition between democratic states and authoritarian regimes.
As a result, there have been efforts to bring together like-minded and leading democratic states to jointly tackle the tech challenge posed by authoritarian regimes such as China and Russia.

Cyber threat landscape:

5G’s cyber threat landscape extends beyond the risks of Chinese telecom companies dominance and hardware.
The fundamental drivers (geopolitical rivalries, commercial motives, and data harvesting) behind the recently increased cyberattacks and data breaches from adversarial states and other threat actors remain intact. Therefore, they will pose threats to even 5G networks.
Considering the potential role that 5G will play in national development and economic growth, it can undoubtedly be regarded as a critical infrastructure. Hence, 5G communication networks will represent a valuable target for cyberattacks, including sabotage.
In addition, as mentioned earlier, the 5G network will bring about a wider proliferation of lOT-enabled devices.
According to one estimate, by 2025, there will be approximately 27 billion connected IOT devices.
5G also inherits the vulnerability from previous generation protocols, i.e., threat actors can get hold of the International Mobile Subscriber Identity (IMSI) – the number used to identify and authenticate subscribers on the mobile network. By seizing the IMSI, threat actors can intercept mobile traffic in a defined area to monitor an individual user’s activity, including tracking location and intercepting calls.

Way Forward:

5G offers new opportunities for digitalisation and development, but the technology and network are not secure by design. Therefore, countries, like India, adopting 5G must have a cyber resilience plan in place.
Much depends on the cyber and information-security policies of the ecosystem’s various elements. Organisations connecting to the 5G network must be cognisant of the evolving threat landscape, adopt security protocols accordingly, determine their threat posture, and secure their digital infrastructure. This will need constant updating and upgrading since threat actors continue exploiting emerging vulnerabilities.
A critical element of this resilience will also be the awareness of end-users. Their cyber hygiene – their understanding of safe practices in cyberspace – can help them better tackle the threats and protect themselves.