5G security: does more data mean increased risk?
The volume and value of data will increase in the era of 5G
It’s easy to overhype 5G, but it’s not an exaggeration to suggest the arrival of the next generation network represents the most significant development in the history of mobile communications.
The transitions from 2G to 3G, and 3G to 4G, both delivered significant performance enhancements and new capabilities that have allowed mobile technology to become an integral part of everyday life.
5G is no exception, offering gigabit speeds and greater capacity that will allow for a faster and more reliable connection. But it is the ultra-low latency that will be truly transformational. As part of the shift to 5G, mobile operators are rebuilding their networks so the time it takes for data to be sent across the network is significantly reduced.
What this all means is that 5G will enable entirely new applications in the areas like virtual and augmented reality and artificial intelligence (AI), while also allowing users to stream higher quality video and engage in real-time multiplayer gaming.
But it’s not just about applications and people. 5G is the first generation of mobile network to be designed for machine-to-machine (M2M) communication, enabling a whole range of new use cases that promise to change how we live, work and play.
The possibilities are seemingly endless – but could this new era of ubiquitous connectivity introduce new security risks?
The challenge to privacy
The biggest security challenge that 5G networks pose is to our privacy. 5G networks will enable new kinds of applications and will allow us to connect more devices to the network (and to each other), encouraging us to capture and share more and more of our personal data. Some of which may never have been captured digitally before.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
For example, eHealth applications will collect extremely personal data about our bodies and wellbeing, connected car services will monitor our movements and smart city applications will collect information about how we live our lives.
This data collection will be accelerated by the sheer number of connected objects. It is thought that in the 5G future, the smartphone will become a super-connected hub for other personal devices like smartwatches.
Meanwhile, as the first generation of mobile connectivity to be designed for M2M communication, your 5G-enabled devices will 'talk' to countless sensors that comprise the connected world.
All of this is an opportunity to harvest more data.
The threats of 5G
There’s no doubt that in the vast majority of cases, this data will be used ethically and will be useful to the user. However, the increased volume and variety of information makes it more valuable to attackers who have nefarious intentions.
The scope for blackmail, identity theft, and even personal safety would be potentially limitless. For example, what if an attacker was able to access to a 5G-enabled camera or connected car application? Some are also concerned that because 5G needs more network sites to compensate for reduced range, that the location data held by operators would be more accurate, potentially giving hackers your exact address.
Meanwhile, the increased number of connected devices means more targets and launchpads for attacks. If just one of your devices isn’t configured correctly, then it might be possible for cybercriminals to steal data or launch a more widespread attack using a botnet.
Built-in security
The threat to privacy is one of several reasons why the debate about 5G security has become so prominent in the media. As more sensitive data is transmitted across the network and more mission-critical applications become reliant on 5G, the risk of an attack, service outage, or state-sponsored surveillance operation becomes increasingly unpalatable.
Insecure infrastructure – either by accident or design – is simply too great a risk to contemplate. The good news is that mobile operators are ensuring security is built into the fabric of their 5G networks.
5G is a more secure standard than 4G, while more stringent testing requirements and security obligations at a national and international level should minimize the risk of vulnerabilities in telecoms equipment.
Despite recent debates about the security of Huawei kit in the UK, there's no evidence to suggest that any major vendor is a risk, and operators are likely to build their networks in a way that minimizes the risk of an outage or anyone accessing your data.
5G networks comprise three main elements. The radio network transmits data from your phone to the mast, the transport network sends this from the mast to the core network, and the core network processes the data and sends it back again. The core is the most sensitive part of the network as it handles all the main customer data.
Operators will use a mixture of suppliers in each part of the network and, just for added piece of mind, Huawei kit will only be used at a radio level in the UK. This should be of little concern because, as one major operator said, hacking a phone mast is so pointless you might as well hack a phone.
What can you do?
It’s important to recognize that there's no reason for 5G networks to be any less secure to use than 4G. A mobile network can never be 100% fail-safe, but it’s significantly safer to use than public Wi-Fi, for example.
5G enables ‘network slicing’, which allows operators to effectively ring-fence part of the network for a dedicated user or application, guaranteeing speed and capacity, and stopping anyone else from accessing that bandwidth. It’s also worth bearing in mind that all data sent over 5G is encrypted.
Meanwhile, mobile operators are working to ensure their services are as secure as possible at an infrastructure level. It’s not surprising, given a report from Ericsson found that four out of ten people consider the security and trustworthiness of a network to be important considerations when picking a provider.
What 5G does change significantly, is the applications and devices that we will use. This means the precautions you take to secure your device are even more important.
Basic measures such as using a PIN code or biometric security to access your smartphone should be the bare minimum. You should only grant permissions to applications you trust, use encrypted applications where possible, and you should be wary of granting access to health or location data if there isn’t a clear need for it.
If you’re not convinced, then bear in mind future 5G devices will offer increasingly advanced security options and it appears as though there is some demand. It may sound like science fiction, but according to Ericsson, 29% of people would like DNA authentication to be a biometric security option.
It’s unlikely that the debate about best practices and protection will go away any time soon, such is the growing importance of mobile connectivity to everyday life. But at least it means the mobile industry is committed to finding answers.
And if you’re bored of it already, you’ll be delighted to know that work on 6G has already started.
5G Uncovered, in association with Samsung, brings you everything you need to know about the next wave of connectivity - not just how fast it's going to be, but in just how many ways it's going to change your life. Our 5G Uncovered hub is carefully curated to show everything there is to know about the next generation of connection.
- Best privacy apps for Android in 2019
Steve McCaskill is TechRadar Pro's resident mobile industry expert, covering all aspects of the UK and global news, from operators to service providers and everything in between. He is a former editor of Silicon UK and journalist with over a decade's experience in the technology industry, writing about technology, in particular, telecoms, mobile and sports tech, sports, video games and media.