Meeting 5G’s Extreme IoT Security Demands with Network-Based Solutions
While 5G has been a conversation piece for many years, it is now quickly shaping up to be a global reality. Recently, Verizon expanded its 5G Ultra Wideband service into more cities across the United States. Samsung has also started announced its lineup of 5G devices, the Galaxy A51 5G and A71 5G. Soon, other Communication Service Providers (CSPs) and smart device manufacturers will follow suit, and before we know it, 5G will completely disrupt connectivity, and more specifically, Internet of Things (IoT) connectivity.
In fact, according to a report from Cisco, 5G’s faster broadband (10 to 20 times faster than 4G) will enable 12 billion mobile-ready devices and IoT connections by 2022 compared to 9 billion in 2017. While this is great news for the rising number of smart device users globally, the increased connectivity can be taxing for IoT security. The combination of higher bandwidth and lower latency is a double-edged sword. While it enables new, exciting use cases like Vehicle-to-Vehicle and telemedicine, it is critical to not lose sight of the fact that it expands the scope of security threats, such as ransomware and botnets, among others.
What We Can Learn from IoT Attacks
If the past IoT-based attacks have taught us anything, it is that bad actors are always looking for a “weak link.” The inherent vulnerability in IoT devices makes them easy to hack and use them to build botnets. It also takes less than 18 seconds for an IoT device to be attacked once it is open to the Internet.
Some of the largest known distributed denial of service attacks (DDoS) were based on IoT devices. One of the more notable examples of an IoT-based attack is the 1 Gbps DDoS attack from October 2016 caused by an IoT botnet on the Mirai malware. This attack took down the DNS provider’s server, causing large portions of the Internet to be unavailable on the East coast of the U.S., including services like Twitter, Netflix and CNN. Now a new variant of Mirai, the Mukashi botnet, has surfaced and is targeting critical vulnerabilities in network-attached storage devices.
Clearly, with 5G’s bandwidth and latency giving rise to additional threat vectors within CSP networks, and hackers getting more sophisticated in their attack methods, real-time threat detection is vital. Unfortunately, currently available end-point security solutions that protect devices like laptops and mobile phones fall short when it comes to securing IoT devices such as surveillance cameras and digital signage. Only network-based solutions can offer this comprehensive level of security.
Resolving IoT Security Issues with In-line Network-Based Solutions
When new IoT devices and corresponding software are created, risk reduction is frequently an afterthought. It is not always a top priority for device makers to collaborate and create security measures with service providers since no initial implementation incentive is seen due to a lack of profit and competition on the security side of software development. That said, most service providers are in fact ideally positioned to deliver network-based security solutions as a value-added service for their customer base which provides them with an additional competitive advantage and a clear path to increased revenue.
Virtualized 5G networks offer a platform for a range of new services that can be delivered through the network, with no installation or upgrading required at the subscriber’s premises. A security solution that operates at the network level can discreetly protect IoT devices against malware and botnets by identifying and blocking infections using behavioral analysis on network traffic. Network-based solutions also enable remote remediation of suspect devices that block communications with bot command and control servers and other malicious servers based on reputation.
These network-based value-added services can be provisioned and managed by the CSP to provide customers with an additional layer of in-line security for their IoT devices. CSPs can also enable customers to configure services through a self-care portal that provides access to comprehensive IoT device communication behavior analysis and traffic intelligence and control.
The increasing availability of IoT is widening the threat landscape and 5G will only further their security vulnerabilities as it powers new IoT devices. As such, CSPs must work together with customers to offer protection on the network plane to defend existing and new IoT connections from new and ever-more complex attacks.
This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.