By IC Bala Prasad Peddigari, IEEE Senior Member, Growth and Transformation Innovation Leader, TCS
The high-speed communication that comes with 5G has undoubtedly opened a host of opportunities for the future of tech. According to a recent Ericsson Mobility Report, massive IoT will contribute to 51% of cellular IoT connections and 5G subscriptions are expected to reach 4.4 billion by 2027. These findings promise to deliver reliable and secure high data rates. However, each device that is connected in the 5G enabled IoT ecosystem, opens a surface for the channels that allow the sensing, collecting, and processing vast amount of information at high speed. This process accumulates a huge amount of data that is highly prone to many security challenges because of the interconnectivity between the billions of devices participating in the IoT landscape – and inevitably making them vulnerable to attacks.
Furthermore, the integration of edge cloud in the context of 5G enabled IoT has opened many new use-cases, where multiple tenants can leverage the local compute power of edge devices, edge gateway and edge data centers. This triggers many data security threats, and it requires taking measures to protect attack surfaces from advanced persistent threats, web application vulnerabilities, API security, and lateral propagation.
As the density of devices is over a million per square kilometer, the attack surface has multiple channels that can be exploited and result in threats to data passing through the wire. Common attacks like Supply Chain Attacks, Network attacks, and BotNets can be mutated and replicated with ease across the channels. Other attacks include:
• Man in the middle: The first attacker expropriates the transmitted messages and then attempts to update or delete the messages before forwarding them to the receiver
• Impersonation attack: The attacker effectively determines the identity of the actual communication party and generates a message on behalf of the ‘‘genuine communicating party’’ to send to the recipient.
• Bidding Down: This is a cryptographic attack to abandon the higher quality order of operation when compared to the lower quality order of operation
• Reply Attack: Happens when an attacker intercepts the exchanged messages and then deceitfully delays or re-transmits them to the receiving entity.
• Eavesdropping: Also called a sniffing attack, happens when an attacker eavesdrops on the exchanged messages among the communicating parties. This is one of the most important attacks to be aware of in 5G-enabled IoT communications as it helps attackers launch more attacks.
• Traffic Attack: Another form of passive attack in which the attacker intercepts and examines an exchanged messages to figure out what is being shared
• Masquerading Attack: Leverages fake identity to access personal information through unauthorized access using legitimate access identification.
Some of the other common interfaces where attacks are prone to happen include User Plane Function, Signaling Plane, Physical capturing of deployed devices, insider attack, database attack, malware attack, and Radio interfaces.
Data in each of these surfaces need to be safeguarded with the right security measures – the depth of defense strategy is far more important than ever. Organizations need to ensure that security protocols in such environments are trustworthy in nature, such as Key Management Protocols, User authentication/authorization protocols, access control protocols, and intrusion detection protocols. Businesses can keep the following security considerations and properties in a 5G enabled IoT communication: authentication procedures, the integrity of the data, confidentiality of data, authorization procedure, non-repudiation property to ensure data is sent only once, availability property to ensure information is available to genuine entities, and backward secret property to ensure previously transmitted messages are not accessed by a newly deployed device in the network.
All that said, ensuring data security in 5G enabled IoT communication is far more important than ever for a successful deployment of the technology across industries like healthcare, security, finance, automation, etc. With that, we are in for a massive transformation with 5G-enabled IoT
