The government believes that the rollout will transform how UK businesses will communicate and work in the future.
However, the introduction of faster connectivity will also present an opportunity for cybercriminals to target more devices and launch more wide-reaching cyber-attacks.
5G will increase bandwidth and reduce packet sizes. With this, mobile devices will be much easier to target as smaller sized malware can be delivered undetected, typically via applications. Due to the issues of malware payload size and bandwidth have traditionally limited the amount of attacks on mobile devices. But, as we move to 5G and beyond, these limitations will inevitably disappear, and mobile phones will almost certainly be subjected to increasingly complex – and numerous - malware attacks. Businesses need to start implementing cybersecurity solutions that will help them mitigate these risks now, given that 5G is coming into general use.
IoT devices vulnerabilities
Apart from mobile, IoT devices will also become a top target for hackers looking to disrupt and exploit businesses. Everything from baby monitors to cars is now hackable, with the amount of IoT devices growing at a rapid pace. Hackers can already monitor poorly secured devices en masse, with many devices using default passwords such as ‘admin’, or ‘password’.
The likelihood of hackers finding an IoT device is high – and with faster connectivity, discovering these devices will become even easier. Using a botnet, hackers can take control of IoT devices and use them as weapons in a cyber-attack to take control of thousands of devices at a time. With 5G, hackers will be able to extract information faster than ever before; making personal data and customer information secure should therefore be even more of a priority.
Remote working exploitation risks
When cyber-criminals launch a targeted campaign, they are usually looking to extract the most sensitive and valuable information. Therefore, industries such as banking, legal, transport, and logistics will be at the top of the list of priority targets, as sensitive information makes up the core of their business.
This challenge is already a headache for most – but with 5G, it could easily become much worse. As more of these organisations promote the benefits of working out of office, employees are more likely to be lax in following appropriate security policies when working remotely, providing another gateway for threat actors to exploit. Then there is the careless insider to consider. Employees who may not understand or may lack the necessary foresight to follow the company’s security and compliance policies are becoming an even bigger liability with better connectivity.
Lack of cyber education
Employees have no clue of the multiple cyber threats that organisations face on a day-to-day basis, such as phishing attacks, impersonation attempts, and ransomware. This indicates that businesses need to invest a lot more in training their workforce about cybersecurity before they roll out 5G across their entire organisation. Despite the best intentions and the latest internal protection procedures, companies run a high risk of attack due to an employee’s lack of knowledge of the threats they should be defending themselves against. Human error caused ninety per cent of data breaches last year (see article).
Many employees admit to using their company issued-devices for non-work-related matters, which are almost impossible to protect against. This causes a variety a problem for IT teams when it comes to prevention: as employees feel more comfortable using their company-issued devices, it becomes increasingly difficult for employers and IT departments to know exactly what these employees are engaging with. Evidently, it seems that unless organisations address this fundamental flaw of not educating their employees about new and active threats, they risk exposing themselves to a greater chance of very serious and expensive cyber-attacks.
Do you find this article useful? Comment below...