While 3G and 4G cell tech have their own well known security issues, so does 5G, including the recently announced 5G network slicing security issues (see here). But this is probably not the big concern for 5G security.
The hype around 5G is that we can use it for everything and anything. And we probably will.
So the first issue is that if we are moving 100 times the amount of data that we are moving today and the risk of any bite of data being compromised is exactly the same (likely not, but that is a different issue), then it is likely that 100 times the amount of data that is being breached today will be breached when 5G is fully deployed.
The next issue is that in order to make all this 5G nirvana happen, there is going to need to be a lot of software written. I am sure that all of this software will be bug free. Like Windows or iOS or any other modern software. Which is why vendors often release 100 patches every month. Buggy software leads to breaches. Move “use cases” for 5G lead to more breaches.
But this is probably the biggest issue.
What is that data and system being used for. If you own a self driving car and that car has software and that software can be updated “over the air”, can you guarantee that those updates will be secure? I am sure that SolarWinds said their update process was secure, also. How did that work out?
Here is an article on how to hack a Tesla. Over the air. Without touching the car.
What if that hacked update tells the car to drive into a tree. We basically saw a prototype of this on 60 Minutes a couple of years ago when researchers took control of a Jeep driving down the highway at 60 miles an hour.
You say that is unlikely. Maybe. But we have already seen lower tech versions of this used in targeted assassinations.
Of course, right now, we don’t have any idea how hackers will structure their attacks.
What if a hacker took over the control of your car via some 5G wiz bang feature that you absolutely have to have and then told you that if you transferred a million dollars (or whatever) to the hacker, they would NOT drive your car into that tree? Or what if you have a 5G controlled medical device like an insulin pump. Give me your money or I will up your dosage by a factor of 100. We saw a very low tech version of that last month when an attacker increased the amount of a chemical going into a Florida water treatment plant by 100 times. Luckily, someone saw that happen and was able to fix it. As 5G automates more of this, the luck will run out.
Right now nation state actors are only trying to steal our money.
What if those same actors (for example Russia or North Korea) instead focused on destroying our critical infrastructure? I am sure that all of those thousands or tens of thousands of providers have 100% secure systems. How about 50% secure. Probably not.
Hackers typically go after the weak link. Since there seems to be an incredible rush to deploy 5G, I am quite certain that there will be no security holes in any of the applications; no blind spots and no human weaknesses.
That is the risk behind 5G.
Curiously, this conversation came from an interview with Verizon’s executive director of security services. At least he understands the problem; maybe he can have a positive impact on things. Credit: The Record