As stakeholders roll out new 5G network services, significant questions have arisen around the central concept of 5G mobile security.
Essentially, rather than addressing new problems introduced by the newer 5G capabilities, mobile security for 5G tends to focus on the raft of existing cybersecurity issues that have not been addressed in the rollout, that will continue to bedevil a system that is growing richer, faster, and more pervasive in the general user community. A tech report from earlier this year at Brookings by Tom Wheeler and David Simpson explains the phenomenon this way:
“In a world of interconnected networks, devices, and applications, every activity is a potential attack vector.”
In a key sense, the addition of billions more connected devices provides a much greater collective attack surface. Then, other innovations also usher in their own risks: for instance, the emergence of the SD-WAN means that in addition to tools within networks, companies must evaluate the software defining the network itself.
Another major component of mobile security (or insecurity) is that the best practices attached to smartphone security clash with the culture of phone use. Traditional cell phones are personal accessories that we use for casual communications. But Bring Your Own Device created a bifurcated use case where suddenly, company data was being kept on these personal devices. That security problem has never been solved, and it’s due to get worse with the influx of connectivity associated with 5G.
Physical Site Attack Vectors
We have seen the ubiquity of purely digital network attacks propagated through the global internet, with exploits such as WannaCry and Heartbleed. But some lesser known threats have been proliferating, for the most part, under the radar.
A class of systems referred to as International Mobile Subscriber Identity-Catcher or IMSI can be weaponized in many convenient and frightening ways. Reports of IMSI devices mounted on drones or surreptitiously planted in airports or other public spaces show the potential to eavesdrop and collect user data on the fly.
The ramifications are shocking: by setting up these aggressive hidden connections in public, hackers are going on the offense, drawing in unsuspecting users into their webs. Some of these connections may look legitimate and seem like they are targeting specific types of traffic other than general user traffic, but they may, in fact, cast wider nets.
The Fix
With so many threats out there to smartphone data, and such diversity of attacks, it seems almost impossible to go about providing comprehensive security. However, some of the same broader ideas that allow for all sorts of malicious hacking can also help users and enterprises to circle the wagons and protect data on mobile device networks.
Setting up security at the network level allows threat monitors to work within the fabric of the active communications network. Part of that proactive work involves identifying IMSI stations, false hot spots, and any other type of connection that is attempting to trap a phone user in a Trojan horse data breach scenario.
At the same time, security experts have learned the value of the hidden network.
Abstracting the device from a traditional address system and transparent architecture foils hackers. IMSI users, MITM attackers, DDoS attackers and others rely on being able to pinpoint a vulnerable device. Providing security in the network hides the user’s device profile, thus keeping the device in stealth mode when it comes to hacker outreach.
New approaches to internal network security illustrate how modern, cutting-edge network cybersecurity works. Through a system of network opacity and active threat identification, the system both hides the user’s connection from hackers, and reaches out to spot hacker connection attempts. This one-two punch can throw even the most sophisticated mobile attack structure back on its heels.
As one last pillar of mobile cybersecurity design, next-generation “virtual mobile network” cybersecurity systems do the mission-critical network defense work without intruding on performance. As edge systems, the tools do not require the installation of hardware on the device, so there’s a more frictionless adoption process. Look for these sorts of state of the art cybersecurity products to stay protected in the coming IoT age.