5G mobile networks are still somewhat new in terms of their worldwide deployment, however, they have promising projections. They not only propose very high data transmission speeds, but also facilitate connectivity between devices. Smart appliances and any device for personal or home use that can be connected to a network will benefit from better connectivity and higher speeds. Although this latest generation of mobile networks offers many advantages, there are also several security challenges. This guide will put in context what are the main points to keep in mind about the security of all that IoT smart device compatible with 5G.
Regarding the different areas of security in 5G networks and IoT devices, we can focus on encrypting traffic through the network, IPv6 addresses and the potential DDoS attacks that could occur using these vulnerable IoT devices, in addition to others that could be carried out thanks to the vulnerabilities of 5G networks. Next, we will delve into the most essential points.
Traffic encryption on 5G networks
The IoT is a technology that maintains its emerging status and its growth occurs permanently. The fact that 5G networks are being implemented little by little, allows the number of connected devices to increase greatly. Both personal and corporate and / or industrial devices connect to the network every day thanks to their IoT features, allowing them to perform more intelligently. Consequently, the end user gets more out of each device. The number of IoT devices to be connected is close to 5 billion, and this number will be higher for next year.
There is no denying that the Internet of Things, as we know it, has facilitated network connectivity to multiple devices. Few people imagined that a light bulb could connect to the Internet. This made no sense. Today, it is established and many people use it. However, this is very attractive terrain for cybercriminals. Not to mention all the data that travels through this network. The chances of cybercriminals taking advantage of emerging technologies are very high, mainly because there are still aspects and standards to define. Security is no exception to this we mentioned.
The well-known appliance company Whirpool is working, precisely, in relation to appliances that are compatible with 5G networks. A large part of the skeleton of household appliances is made of metal, so placing a Wi-Fi antenna inside will not make it connect well to the wireless network, since the signal will bounce, however, the signal emitted through a 5G antenna it passes without problems and that IoT appliance can connect to the Internet.
But what about traffic? It is not encrypted. For this, Whirpool proposes encryption of 5G traffic. Likewise, he opted for the configuration of 5G antennas to accept only legitimate traffic. So whenever a device wants to connect to Whirpool’s ‘internal network’, that 5G antenna will check to see if it’s a licensed device. If it is not, just ignore it and you will not be able to connect. If someone wants to carry out a Man in the Middle attack, it will be practically useless because the captured traffic will be unreadable by encryption. Of course, their effectiveness will depend on what encryption algorithms they can implement.
They also contemplate the situation when the traffic generated within that Whirpool internal network goes to the Internet. The company itself comments that an additional security mechanism will be implemented that consists of the use of VPN tunnels.
Risk of much larger scale DDoS attacks
One of the most important characteristics of 5G networks has to do with security. It is characterized by having an operating environment very similar to web services, in which robust authentication methods and general security measures are applied. Consequently, the communications that occur through these networks have an extra layer of protection. However, this also has its potential source of threats. As indicated by a representative of the Nokia Threat Intelligence Lab , that 5G provides greater bandwidth to compatible devices, would give way to IoT bots with greater capacity. This increased capacity will allow the creation of botnets for extremely high bandwidth DDoS attacks.
One more detail that can compromise the security of IoT devices connected to 5G is the location. In what sense? One of the advantages of this latest generation of mobile networks is that it facilitates connectivity in remote locations. The downside of this is that many of the IoT compatible devices are likely to have limitations when it comes to maintenance or upgrades. So practically by default, these devices become vulnerable to attack.
On the other hand, many of these devices work through Linux distributions. So they are practically used as computers. Unfortunately, many users do not have in mind the fact that they need antivirus-antimalware protection and updates. In the event that they become infected, they could host content, malware and / or viruses, data related to Command & Control and any other feature that collaborates with cybercriminal attacks.
Something more worrisome? Several of the IoT devices do not have the ability to store logs of both inbound and outbound traffic. This means that cybercriminals and their attacks have practically no visible trace in the event that they want to track attack events.
The danger of IPv6 addresses and spoofing attacks
The number of IPv6 addresses is much greater in relation to those that are IPv4. We know that it is a fact that IPv4 addresses are almost entirely occupied. The move towards 5G networks will involve a huge number of devices, which will not be supported at all by IPv4. If these devices go to IPv6 by default, they will not have private addresses but public ones. Remember that a public IP address is visible and traceable on the Internet. Consequently, it is extremely important to pay attention to the migration from IPv4 to IPv6, which will be public by default; those devices that are used in corporate environments must migrate to IPv6 in a mandatory way, guaranteeing that the addresses are private and they do not have access from the Internet.
What happens to spoofing attacks? It is good to know that 5G networks do not have a separate network architecture from previous generations. This means that any vulnerability present, for example, in 4G networks will be present in this latest generation of mobile networks. One of the most significant 4G vulnerabilities has to do with the GTP protocol. The latter is a communication protocol typical of mobile networks, especially those of 3G and 4G. It allows the management and control of the generated traffic and the vulnerability consists in that it is possible to obtain and interpret the corresponding traffic data of the users. So, spoofing attacks could be carried out which, of course, harm the experience of the affected users.
One of the most considerable vulnerabilities of this protocol is that it does not verify the location of the user, not even if it were by triangulation. The latter makes it difficult to differentiate between legitimate and illegitimate traffic. Spoofing attacks are extremely easy to carry out, even more so if the data necessary for them is very accessible to get through the dark web.
Finally, is it convenient that we move forward with the adoption of IoT devices for our day to day? Even more if they are compatible with 5G networks? Everything seems to indicate that this generation in networks has not yet reached its point of maturity in terms of security standards. Although, to be honest, previous generations like 4G have maintained the aforementioned vulnerabilities with GTP. So it is a matter of adjusting nuts on the way to a truly beneficial and safe mobile technology for all.