Covering Disruptive Technology Powering Business in The Digital Age

Safeguarding the 5G Revolution — Security Essentials for Businesses

Written By: Goh Chee Hoh, Managing Director, Trend Micro Malaysia


Amidst Malaysia’s dynamic technology landscape, a recent development has sparked excitement. Maxis, a major player in the telecommunications industry, announced its plan to sign the 5G access agreement with Digital Nasional Berhad (DNB). In an era where connectivity reigns supreme and 5G technology has the potential to be a game changer for businesses, this agreement holds profound significance.

Now, with Maxis taking centre stage, both consumers and businesses can anticipate significantly accelerated internet speeds, reduced latency, and the capability to support a wide range of innovative applications and services, including the Internet of Things (IoT), smart cities, and telemedicine.

While the allure of 5G’s enhanced connectivity and lightning-fast speeds is undeniably exciting, businesses must grasp the fact that it concurrently amplifies the urgency of fortifying data and digital assets. This, in turn, necessitates a fresh perspective on security protocols, with 60% of businesses acknowledging the need for new security measures to integrate 5G network security with their existing platform.

In this context, as businesses rush to embrace this new frontier, a critical aspect lingers in the background—security. Many are prompted to ask: “What are the potential security concerns and considerations of embracing 5G technology?”

Exploring 5G Security Challenges and Concerns

Undoubtedly, 5G brings substantial security capabilities. Yet, like all technological advancements, the challenge lies in knowing the means to secure it effectively. This concern is further emphasised with an alarming revelation from the joint Trend Micro and GSMA Intelligence Report that 48% of operators do not have adequate knowledge or tools to discover security vulnerabilities.

An Expanded Attack Surface

To that extent, the expansion of attack surface stands out as a primary concern, given the sheer number of interconnected devices, users, and applications—expanding the attack surface and increasing the threat exposure. In fact, the Trend GSMA report indicates that 32% of operators identify expanding attack surface as a key challenge in securing 5G networks.

Increased Complexities

Furthermore, 5G’s reliance on a diverse set of technologies increases software complexity. Since there aren’t many purpose-built software for 5G, this could lead to unforeseen security flaws, code vulnerabilities, and architectural limitations when subjected to new applications and use cases.

The concerns also extend to hardware level, such as the 5G devices themselves. The potential for malware infection in chips and other components is a pressing issue, along with the susceptibility of management software to attacks. The interconnectedness of the carrier’s or organisation’s infrastructure means that a breach in any segment could spread throughout the network, magnifying the potential impact.

Encryption Issues

Another pivotal point of vulnerability lies in data transition. Lack of encryption in the early stages of the connection process can be exploited by cybercriminals as it lets them know what devices are connected to the network. This can include details like operating systems and device types, granting malicious actors’ valuable information to craft precise attack strategies.

Managing Risk

Among these challenges, the cornerstone of any robust security lies in managing risk. Given the relative newness of private 5G environments, it’s hardly surprising that only 8% of respondents in a 451 Research Survey have plans to complete their own risk evaluation. In contrast, the majority (37%) of respondents intend to rely on external partners, leveraging their expertise to complete the risk evaluation.

However, the shortage of available security experts may leave some organisations in the predicament of managing these intricacies on their own. This scenario heightens the prospect of cyber risks flying under the radar, with their potential consequences undisclosed.

5G Security Considerations to Guard the Gateway

Highlighting the absence of inherent security measures within 5G networks, the need for businesses to proactively set up the right guardrails as they integrate with 5G technology is magnified.

It is imperative for businesses to be strategic and further outlined certain factors that businesses should consider as they navigate their path towards ensuring greater security of private 5G networks.

Embracing Extended Detection and Response

As a first step, it is paramount for businesses to move beyond conventional endpoint security (EDR) and embrace Extended Detection and Response (XDR). This transition empowers businesses by broadening their scope of threat detection and response beyond endpoints to include servers, cloud, networks, and email. Such a holistic and unified view is invaluable for effectively monitoring and securing the entire attack surface.

XDR not only helps collect data but also correlates it, thus offering contextual understanding of potential threats. This, in turn, ensures that security teams are notified only about critical alerts, saving precious time and resources by avoiding false alarms. Furthermore, XDR’s cloud-specific threat detection and response functionality ensures that vulnerabilities and malicious activities within the cloud infrastructure are effectively identified and addressed — a particularly crucial aspect as businesses increasingly rely on cloud services in 5G environments.

With 5G networks expanding and businesses adopting more cloud services, XDR’s scalability, enhanced threat intelligence, reduced complexity, and effective incident response capabilities become crucial for accommodating the growing attack surface and maintaining a robust security posture.

Implementing a Strong Patching Strategy

Additionally, in a landscape of evolving threats like zero- and n-day attacks, a strong patching strategy can effectively shield critical systems by implementing timely security updates and patches. Moreover, automating various tasks such as configuration checks, traffic monitoring, access controls, and more can not only enhance efficiency and reduce the risk of human error but also facilitate navigation through complex network structures.

As 5G environments continue to evolve, security should never be an afterthought. The dynamic nature of the 5G ecosystem necessitates that security is an integral part of the planning and implementation process, safeguarding not only the network but also the valuable data it handles. Only by addressing these considerations proactively and collaboratively can we harness the benefits of 5G technology while minimising potential risks.

Safeguarding the Path Forward

The emergence of private 5G networks heralds a paradigm shift. As businesses stand at the intersection of innovation and vulnerability, they must employ a multifaceted security approach and adopt a proactive mindset.

Embracing 5G technology involves more than just breakneck speed—it is a commitment to reimagining security architectures, collaborating with industry peers, and staying ahead of cyber threats in this new era of hyperconnectivity. By understanding the security challenges and considerations, businesses can lay the groundwork for a resilient and secure 5G future.