How the 5G revolution could increase mobile security—and opportunities for hackers
As 5G becomes a bigger part of our lives, security experts warn telecoms deploying 5G networks, companies making products that connect to 5G networks, and end users need to think seriously about security.
In a series of interviews with Fortune, security experts said 5G, a new, ultra-fast mobile network technology that can deliver speeds of up to 2Gbps and will eventually replace today’s 4G LTE, can both improve overall security and create more opportunities for malicious hackers to target users.
“Like with any new technology, 5G provides opportunities for both the good guys and hackers,” says Monique Becenti, a product specialist at website security company SiteLock.
5G, Becenti says, will work with a vast array of corporate networks, applications, and devices that will call on it for a variety of needs, ranging from managing the smart home to operating autonomous cars. But all of those implementations also create opportunities for hackers to attack.
“With more networks and applications utilizing 5G, it may increase exposure to attacks for businesses and consumers,” she adds.
Forrester analyst Paul McKay sees an equal possibility of 5G improving and limiting security, and is concerned that the millions of new devices that could connect to 5G networks over time could pose threats if they’re not properly secured. However, McKay notes that 5G comes with security requirements assigned by telephony standards organization 3GPP that could be critical in the fight against hackers.
“[5G] has many enhanced security features over 4G, such as improved integrity protection mechanisms, encryption, and better protection against attempts to introduce rogue radio devices and other non-authorized devices,” McKay says. “Authorization and authentication of mobile devices is far stronger when implemented correctly (in 5G) than in 4G, leading to increased device identity protection.”
The connection speed improvements that 5G offers could create better data-processing opportunities for companies, Becenti says. And that data processing could be used to detect and respond to security threats before they become a bigger concern, boosting overall cybersecurity efficiency.
“It allows businesses to utilize the Internet of Things and other computing applications to more effectively analyze data, detect threats and enhance cybersecurity for the end-user,” he adds.
But 5G security may not be a binary debate between better or worse, says Dimitrios Pavlakis, a digital security analyst at ABI Research. Pavlakis believes 5G security will depend upon its implementation in devices and networks.
“Multiple security aspects must be reworked for each different implementation” of 5G, he says.
A new attack vector
All the experts interviewed for this piece agree that malicious hackers will actively seek opportunities to attack both consumers and corporate users over 5G. The implications of that—and on the theft of critical information—could be significant.
“The stakes are high in 5G security, because these networks will be an important component of future critical infrastructure that will become closely integrated with our digital economy and society,” says Elsa Kania, an adjunct senior fellow at the Technology and National Security Program at the Center for a New American Security.
Kania envisions a time when hackers can use 5G exploits to “threaten public safety and critical industries in future smart cities” that would use the next generation networks.
“The talk of a race to 5G is problematic because speed must not come at the expense of security,” Kania says.
Luckily, that race has only just begun. While 5G is being deployed in dozens of countries around the world, it’s far from ubiquitous. And the vast majority of consumers and enterprise users around the world are still using 4G technology. That gives the industry time to build networks and devices that connect to those networks, all while keeping security in mind.
“If 5G is implemented correctly and we apply the security measures that are built into the standards, we will ultimately be able to improve security,” says McKay.
But he cautions that it will take time.
“It will take a few years and bumps in the road before we get it right,” he says.
And during that rough period, consumers and enterprise users will need to focus on keeping their data safe as threats arise.
More must-read stories from Fortune:
—How Apple defied the odds to post the biggest quarterly profit ever
—Oracle and Google are about to face off in tech’s trial of the century
—Can San Francisco be saved?
—Did the ‘techlash’ kill Alphabet’s city of the future?
—Predicting the biggest tech headlines of 2020
Catch up with Data Sheet, Fortune’s daily digest on the business of tech.