According to SHERRY ZAMEER of Gemalto, if we don’t build robust security into our 5G networks, we will miss the big opportunity this technology offers us.
The current expectation is that the first commercial 5G networks will be rolled out in 2020, just two years away. The early adopters will naturally be those countries whose 4G networks are already in place, but there is no doubt that African players are already busy laying the foundations for their future 5G plays.
“It is clear that 5G has huge potential to unlock all sorts of new solutions, especially as an enabler for the Internet of Things, but all the behind-the-scenes preparatory work will be wasted if security is not prioritised,” says Sherry Zameer, Senior VP IOT in CISMEA region at Gemalto. “5G has the potential to transform the use case for mobility dramatically, but it will require innovative and robust security solutions to be in place.”
Big operators in Africa will be gearing up to demonstrate the performance jump 5G offers: download speeds of 20 gigabits per second meaning that there is very little delay between transmission and reception of a signal. This “immediate” response to commands is essential for many futuristic applications; driverless cars, for example, need split-second responses, as do critical health care and industrial applications.
Sherry Zameer says that Gemalto is deeply engaged in helping develop security standards, primarily interacting with industry organisations like the GSMA (which represents the interests of mobile operators) and NGMN (Next Generation Mobile Networks).
As one might expect, many of the characteristics that make 5G so attractive create some of these critical security vulnerabilities:
5G will be critical for the Internet of Things.
5G’s speed and latency alone will make it a key platform for the expanding Internet of Things. Also, it will enable virtualised network infrastructures designed for specific uses. The result will be a mix of open-source and proprietary software and hardware on the network. This will mean that traditional mobile networks built on hardware/ software combinations provided by trusted vendors will become much more heterogeneous—and will provide a greater attack surface than current cellular networks.
5G will enable a much more flexible use of “edge” resources to take load off the core network. The caching of local content will change the way that data and cellular communications are stored—and secured.
The nature of the threat will change.
As more and more devices come onto the 5G network, mobile networks’ traditional focus on preventing eavesdropping will be supplanted by a need to protect against data manipulation and similar types of attack. Such attacks could be used to instruct a machine to perform an unwanted action, like opening a factory gate to robbers, taking control of an autonomous vehicle or disabling warning systems.
A complicating factor will be that many of the devices connected to the network will not be able to encrypt communications, the traditional first line of network defence. Another issue will be the sheer volume of machine-to-machine communication—maintaining the confidentiality and integrity of this data will be no sinecure.
This complex threat landscape will mean that both network operators and the manufacturers of consumer electronics will have the opportunity to provide security as a service. These offerings would be graded to the level of threat to the particular data stream, and its importance.
“Africa is pre-eminently mobile when it comes to communications technologies and the Internet. 5G thus has a potentially important role to play as the continent seeks to establish itself as a player in the global economy,” Sherry concludes. “We must not fall into the trap of just seeing it as a technical and financing challenge: if we don’t build robust security into our 5G networks, we will miss the big opportunity this technology offers us.”