Securing IoT in a 5G World
By Joseph Cortese
Ask ten industry experts how 5G will impact their life and you’ll get ten different answers, as each of them are using the technology in different ways. For auto manufacturers, it’s all about connected vehicle technology. Telecommunication companies are preparing for the next generation of mobile devices, while the healthcare industry is preparing to embrace new technologies such as telemedicine.
Even with different goals, however, one thing is for certain: they are all connected to a rapidly expanding Internet of Things (IoT).
The increased demand for connectivity and 5G network-enabled IoT devices is causing device vendors to rush to be first to market, clamoring for dominance in a relatively new, untapped market. This wave of competition may push some vendors to sacrifice security testing for speed, allowing potential vulnerabilities to remain hidden in the backend of devices. While we hope vendors will take their time and ensure security vulnerabilities are tested, the addition of thousands of new devices provides an opportunity for malicious online parties and threat actors to penetrate the market with greater force.
Once a threat actor has access to a device, they may use lateral movement to access other devices that would usually be inaccessible. The expansion of 5G networks will allow more options for access, and because the technology is so new, it will take time for device vendors to identify how they can combat exploited vulnerabilities and secure the network.
For example, penetration testers were performing the first protocol downgrade attacks in 4G LTE ten years ago. At the lowest level, these attacks carried serious consequences and exposed flaws, allowing threat actors easy access to a network. Although 5G networks will have stronger security protocols than 4G, it is still possible for flaws to be inherited and for even simple attacks to have significant effects.
As businesses move into the 5G era, the most important thing to understand is that any IoT device connected to a network can be vulnerable to cyberattacks. This includes cell phones and laptops, but also extends to more simple devices such as Wi-Fi-enabled picture frames or other smart home devices like televisions. Unfortunately, simple devices like photo frames often run on older versions of operating systems with well-known flaws and applicable exploits. These devices may look innocent sitting on a colleague’s desk but become a vulnerable endpoint if connected to the network.
As the complexity of a device increases, its attack surface area may decrease. Laptops, for example, can run threat protection software that a simple IoT gadget could not. While there is no golden rule for what devices are more vulnerable compared to others, the best defense is to understand the risks that a specific device can carry and pay attention to its environment.
For vendors that manufacture IoT devices, it will become critical to integrate security modules low in their pipeline, starting in development and carrying through all steps of the production process. These companies should also integrate routine penetration testing and vulnerability scanning into their process for new and current IoT devices. The only way to stay ahead of threat actors is to constantly update IoT devices and ensure firmware does not grow old or become deprecated.
Unfortunately, the development of software solutions suffer from lack of security throughout the development process of IoT products or services, causing the initial flaw early in development, and the lack of frequent updates continues to plague the IoT landscape. Emphasis on monitoring, penetration testing and continuous vulnerability analysis will greatly reduce the threat surface for these new devices entering and residing on the 5G ecosystem.
Even though they are not involved in the development process, there are still many steps that businesses can and should take to secure their networks. For example:
- Set up continuous monitoring to ensure all critical network-connected nodes are scanned for vulnerabilities before threat actors have the chance to exploit them.
- Set up an alert threshold to ensure alerts are triggered in real-time. Many companies have access to security information and event management (SIEM) software and can set specific rules to identify malicious activity in network traffic and log data. Reviewing these alerts and rules should become a standard part of preparation for monitoring 5G IoT devices.
Encourage your employees to take simple steps to protect themselves, such as avoiding using the same username and password combinations and enabling two-factor authentication. For any portals that are accessible to employees or customers, two-factor authentication should be the default. Just last year, OWASP released guidance for the Top 10 IoT Vulnerabilities and it’s no surprise the top spot is related to weak or guessable passwords. Today, brute force remains an effective (but time-consuming) method of access. If Ring had enabled 2FA for users by default and had brute force protection enabled for user accounts, their portal would not have been easily accessed by hackers.
5G networks are exciting and will open the door to many new possibilities for new technologies and devices, but it is important to keep in mind that nothing is ever 100 percent safe. By staying aware of what connected devices are on a network, what they are used for and who is using them, it is entirely possible to create a secure ecosystem of 5G-enabled devices and embrace their potential with minimal risks.