Written By: Goh Chee Hoh, Managing Director, Trend Micro Malaysia
Amidst Malaysia’s dynamic technology landscape, a recent development has sparked excitement. Maxis, a major player in the telecommunications industry, announced its plan to sign the 5G access agreement with Digital Nasional Berhad (DNB). In an era where connectivity reigns supreme and 5G technology has the potential to be a game changer for businesses, this agreement holds profound significance. 
Now, with Maxis taking centre stage, both consumers and businesses can anticipate significantly accelerated internet speeds, reduced latency, and the capability to support a wide range of innovative applications and services, including the Internet of Things (IoT), smart cities, and telemedicine.
While the allure of 5G’s enhanced connectivity and lightning-fast speeds is undeniably exciting, businesses must grasp the fact that it concurrently amplifies the urgency of fortifying data and digital assets. This, in turn, necessitates a fresh perspective on security protocols, with 60% of businesses acknowledging the need for new security measures to integrate 5G network security with their existing platform.
In this context, as businesses rush to embrace this new frontier, a critical aspect lingers in the background—security. Many are prompted to ask: “What are the potential security concerns and considerations of embracing 5G technology?”
Exploring 5G Security Challenges and Concerns
Undoubtedly, 5G brings substantial security capabilities. Yet, like all technological advancements, the challenge lies in knowing the means to secure it effectively. This concern is further emphasised with an alarming revelation from the joint Trend Micro and GSMA Intelligence Report that 48% of operators do not have adequate knowledge or tools to discover security vulnerabilities.
An Expanded Attack Surface
To that extent, the expansion of attack surface stands out as a primary concern, given the sheer number of interconnected devices, users, and applications—expanding the attack surface and increasing the threat exposure. In fact, the Trend GSMA report indicates that 32% of operators identify expanding attack surface as a key challenge in securing 5G networks.
Increased Complexities
Furthermore, 5G’s reliance on a diverse set of technologies increases software complexity. Since there aren’t many purpose-built software for 5G, this could lead to unforeseen security flaws, code vulnerabilities, and architectural limitations when subjected to new applications and use cases.
The concerns also extend to hardware level, such as the 5G devices themselves. The potential for malware infection in chips and other components is a pressing issue, along with the susceptibility of management software to attacks. The interconnectedness of the carrier’s or organisation’s infrastructure means that a breach in any segment could spread throughout the network, magnifying the potential impact.
Encryption Issues
Another pivotal point of vulnerability lies in data transition. Lack of encryption in the early stages of the connection process can be exploited by cybercriminals as it lets them know what devices are connected to the network. This can include details like operating systems and device types, granting malicious actors’ valuable information to craft precise attack strategies.
Managing Risk
Among these challenges, the cornerstone of any robust security lies in managing risk. Given the relative newness of private 5G environments, it’s hardly surprising that only 8% of respondents in a 451 Research Survey have plans to complete their own risk evaluation. In contrast, the majority (37%) of respondents intend to rely on external partners, leveraging their expertise to complete the risk evaluation.
However, the shortage of available security experts may leave some organisations in the predicament of managing these intricacies on their own. This scenario heightens the prospect of cyber risks flying under the radar, with their potential consequences undisclosed.
5G Security Considerations to Guard the Gateway
Highlighting the absence of inherent security measures within 5G networks, the need for businesses to proactively set up the right guardrails as they integrate with 5G technology is magnified.
It is imperative for businesses to be strategic and further outlined certain factors that businesses should consider as they navigate their path towards ensuring greater security of private 5G networks.
Embracing Extended Detection and Response
As a first step, it is paramount for businesses to move beyond conventional endpoint security (EDR) and embrace Extended Detection and Response (XDR). This transition empowers businesses by broadening their scope of threat detection and response beyond endpoints to include servers, cloud, networks, and email. Such a holistic and unified view is invaluable for effectively monitoring and securing the entire attack surface.
XDR not only helps collect data but also correlates it, thus offering contextual understanding of potential threats. This, in turn, ensures that security teams are notified only about critical alerts, saving precious time and resources by avoiding false alarms. Furthermore, XDR’s cloud-specific threat detection and response functionality ensures that vulnerabilities and malicious activities within the cloud infrastructure are effectively identified and addressed — a particularly crucial aspect as businesses increasingly rely on cloud services in 5G environments.
With 5G networks expanding and businesses adopting more cloud services, XDR’s scalability, enhanced threat intelligence, reduced complexity, and effective incident response capabilities become crucial for accommodating the growing attack surface and maintaining a robust security posture.
Implementing a Strong Patching Strategy
Additionally, in a landscape of evolving threats like zero- and n-day attacks, a strong patching strategy can effectively shield critical systems by implementing timely security updates and patches. Moreover, automating various tasks such as configuration checks, traffic monitoring, access controls, and more can not only enhance efficiency and reduce the risk of human error but also facilitate navigation through complex network structures.
As 5G environments continue to evolve, security should never be an afterthought. The dynamic nature of the 5G ecosystem necessitates that security is an integral part of the planning and implementation process, safeguarding not only the network but also the valuable data it handles. Only by addressing these considerations proactively and collaboratively can we harness the benefits of 5G technology while minimising potential risks.
Safeguarding the Path Forward
The emergence of private 5G networks heralds a paradigm shift. As businesses stand at the intersection of innovation and vulnerability, they must employ a multifaceted security approach and adopt a proactive mindset.
Embracing 5G technology involves more than just breakneck speed—it is a commitment to reimagining security architectures, collaborating with industry peers, and staying ahead of cyber threats in this new era of hyperconnectivity. By understanding the security challenges and considerations, businesses can lay the groundwork for a resilient and secure 5G future.
(0)
(0)Archive
- October 2024(44)
- September 2024(94)
- August 2024(100)
- July 2024(99)
- June 2024(126)
- May 2024(155)
- April 2024(123)
- March 2024(112)
- February 2024(109)
- January 2024(95)
- December 2023(56)
- November 2023(86)
- October 2023(97)
- September 2023(89)
- August 2023(101)
- July 2023(104)
- June 2023(113)
- May 2023(103)
- April 2023(93)
- March 2023(129)
- February 2023(77)
- January 2023(91)
- December 2022(90)
- November 2022(125)
- October 2022(117)
- September 2022(137)
- August 2022(119)
- July 2022(99)
- June 2022(128)
- May 2022(112)
- April 2022(108)
- March 2022(121)
- February 2022(93)
- January 2022(110)
- December 2021(92)
- November 2021(107)
- October 2021(101)
- September 2021(81)
- August 2021(74)
- July 2021(78)
- June 2021(92)
- May 2021(67)
- April 2021(79)
- March 2021(79)
- February 2021(58)
- January 2021(55)
- December 2020(56)
- November 2020(59)
- October 2020(78)
- September 2020(72)
- August 2020(64)
- July 2020(71)
- June 2020(74)
- May 2020(50)
- April 2020(71)
- March 2020(71)
- February 2020(58)
- January 2020(62)
- December 2019(57)
- November 2019(64)
- October 2019(25)
- September 2019(24)
- August 2019(14)
- July 2019(23)
- June 2019(54)
- May 2019(82)
- April 2019(76)
- March 2019(71)
- February 2019(67)
- January 2019(75)
- December 2018(44)
- November 2018(47)
- October 2018(74)
- September 2018(54)
- August 2018(61)
- July 2018(72)
- June 2018(62)
- May 2018(62)
- April 2018(73)
- March 2018(76)
- February 2018(8)
- January 2018(7)
- December 2017(6)
- November 2017(8)
- October 2017(3)
- September 2017(4)
- August 2017(4)
- July 2017(2)
- June 2017(5)
- May 2017(6)
- April 2017(11)
- March 2017(8)
- February 2017(16)
- January 2017(10)
- December 2016(12)
- November 2016(20)
- October 2016(7)
- September 2016(102)
- August 2016(168)
- July 2016(141)
- June 2016(149)
- May 2016(117)
- April 2016(59)
- March 2016(85)
- February 2016(153)
- December 2015(150)
