Battle at the edge: How the convergence of 5G and IoT are opening a new front for threat actors

One of the enduring truths about the Internet lies in its power to connect – to information and applications, to our homes, and of course, to one another. The flip side of course, is that the more we facilitate these connections, the more vulnerable we become.

The forthcoming rollout of 5G and continued mass adoption of IoT represent two distinct yet converging macro technology trends that promise to transform the way we work and live. Moreover, as bandwidth capacity surges and more connected things come online, we will witness the further dissolution of the network perimeter as more applications and data get pushed to ‘the Edge’.

But with this untold potential also comes an assortment of risk factors and novel attack vectors that threat actors are already finding ways to exploit.

As the age-old security axiom goes, ‘you’re only as secure as your weakest link’ – as we accelerate the speed and volume of connected devices and people, one thing is for certain: there will be no shortage of weak links.

A tidal wave of connected things

We’ve all seen read the stats about the exponential growth of connected things – be they industrial sensors, wearables, smart home devices, or vehicles. Analyst firm IDC forecasts that there will be more than 41 billion connected devices by 2025 or a bit more than four connected devices for every human being on the planet.

Meanwhile, IDC projects the number of 5G connections will balloon from roughly 10 million in 2019 to more than one billion and that 5G will represent 8.9% of all mobile transactions by 2023.

Not only will there be significantly more connected things, but the next wave of things promise to be both smarter and more multi-purposed than current generation IoT devices - the vast majority of which are little more than Internet-enabled beacons that wirelessly transmit and receive small packets of data. Rather, the connected things of tomorrow will embed software, compute and processing capabilities which will require low-latency, high-throughput wireless networks to realize their full potential.

IoTs in the crosshairs

Since the current generation IoT devices were designed primarily as simple connectivity points, it’s hardly surprising that threat actors have been actively targeting them.

Compounding the problem is the fact that since IoT devices are so easy to deploy, they are often forgotten as these ‘unmanaged devices’ are not typically subject to the same rigorous security inventory asset tracking rules and regulations as other ‘valued’ IT assets. Because these devices are connected to the same network as users, servers and applications, they represent a potential back door just waiting to be kicked in.

And we’ve already witnessed frightening examples of how attackers are leveraging these weak links to gain a foothold and overwhelm a network. The Mirai botnet is perhaps the most notorious example of an attack that strung together hundreds of thousands of compromised devices and ultimately succeeded – albeit unintentionally – in knocking out Internet access across the East Coast in 2016.

Mirai wasn’t an especially sophisticated piece of code but rather what made it so effective was its ability to scan networks for large blocks of open Telnet ports and then used a simple credential stuffing script populated with the most frequently used username/passwords default combos that were never updated. In this manner the IoT botnet swelled to more than 600,000 devices – a misfit zombie army comprised of routers, air quality sensors, surveillance cameras, and even DVRs.

While the types of attacks are alarming on their own, the stakes are even higher when it comes to attacks on critical infrastructure by which a successful breach of IIoT connected devices could have catastrophic consequences. On top of this, legacy communications protocols such as GPRS Tunneling Protocol (GTP) which have shown to be vulnerable, will continue to be used by 5G networks.

It’s evident that a new security management paradigm, one based on adaptive software-defined rules and unified management capabilities will need to evolve alongside these converging trends.

In software we trust

As the renowned entrepreneur and venture capitalist Marc Andreessen famously quipped a decade ago, ‘software is eating the world’. While the main thrust of his argument was that every company needs to think like a software company, the same principles are particularly resonant to the current state of cybersecurity and speak to why a software-minded approach will be required to secure the billions of connected things from being turned against us.

This of course is the fundamental premise of a Zero Trust framework which seeks to challenge everyone and anything attempting to connect to the network. Just like you wouldn’t let a stranger into your house and then ask them what they want, Zero Trust directs you to treat the network as hostile until proven otherwise. And it accomplishes this through a software-defined approach to network security whereby bits and bytes are given primacy as a first line of defense versus the unwieldy network appliances that were simply never designed to meet the challenges of today’s distributed network.

A Zero Trust software-enabled framework provides a number of advantages to enterprise organizations looking to wrest back control of their network through:

Simplified micro-segmentation: Zero Trust provides a superior framework for facilitating micro-segmentation at the workload or device level, enabling network administrators to restrict devices to specific segments, prevent overentitlement, and limit lateral threats regardless of device type, network, or location
Automated access control: According to the Verizon DBIR report, human-based network configuration errors continue to be one of the leading causes of data breaches. A software-driven Zero Trust approach can mitigate these avoidable mistakes by automating how, when and where devices are connecting to the network.
Unified & seamless policy extension: Instead of having to define new rules as devices are added to the network, Zero Trust enables organizations to unifiy their security policies and extend the principles of ‘least privilege’ access to specific devices independent of underlying architecture.

As with any new disruptive innovation, we must strive to strike a balance between risk and reward. While it’s exciting to ponder the possibilities of a world powered by 5G and an constellation of connected things, we must first establish a secure foundation to support these innovations. A software-based, Zero Trust security framework represents our best chance at securing the Edge from the connected things of tomorrow.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.