5GWith 5G, will your thermometer need malware protection?

With 5G, will your thermometer need malware protection?

Cybersecurity, Technology , , , ,

5G is perhaps the biggest critical infrastructure build the world has seen in twenty-five years.  It will allow for the connection of millions of Internet of Things (“IoT’) devices.  However, with these added benefits comes related vulnerabilities and cybersecurity risks. 

What are the specific cybersecurity risks are associated with the 5G network?

First, the 5G network itself can pose many security risks.  The 5G infrastructure is built using many components, each of which may be corrupted through an insecure supply chain.  Significantly more software is being used allowing for more entry points and more potential vulnerabilities.  Similarly, more hardware devices are required (cell towers, beamforming devices, small cells, etc.), and each one of these hardware devices must be adequately secured.  Small, local cells may be more physically accessible and therefore subject to physical attack.  Further, 5G will be built, in part, on legacy 4G LTE components – which themselves can have vulnerabilities.

Second, with specific focus on IoT devices, cybersecurity protections will need to become much more granular and more capable of being deployed on less intelligent “Things.”  Historically, one could think of a Thing as a device that can be connected to a network, but which lacked sufficient processing power to handle more advanced computations.  Things are “dumb.”  By connecting a processor, we could make such dumb Things “smart.”  These new smart IoT devices are interesting vectors of attack by malicious actors and further confound overall cybersecurity programs.  The ability to detect a cyber attack on a light bulb will require additional cybersecurity solutions.

Finally, with 5G facilitating the implementation of more IoT devices, more sensitive data may be stored requiring the need to protect edge computers servicing the IoT device.  If we consider the ubiquity of thermometer scanning now and how those and similar IoT devices could easily become part of 5G, then we begin to understand the seemingly exponential possibility for threat vectors on our networks.  We may have sensitive data (Am I sick?  What time do I show up for work?) and we may have the concern that a malicious actor may look to infect a network through a Thing. Will thermometers need malware protection?  More devices arguably allow for more places for a hacker to attempt to attack and thus the possibility of a greater availability of distributed denial of service (DDOS) attacks.  There were reports of Things being used collectively to deny service with the LTE network.  With 5G, the concept of an army of coffee makers attacking by all issuing a request to an address will become a greater possibility and manufacturers could be liable to other parties if their insecure Things are used to deny the service of someone else.

Regardless of the attack vector, incident response practices are universal, and Beckage’s Incident Response Team can help prepare your team from IoT and other attacks.

What potential solutions are available to mitigate this risk?

Companies looking to incorporate 5G should partner with experienced tech counsel who can assist by reviewing contracts, conducting risk assessments, and evaluating and updating incident response plans and procedures to account for any additional risks associated with 5G.

In addition, there are already some attempts at governmental solutions.  In March 2020, President Trump issued a National Strategy to Secure 5G – requiring, in relevant part, that the Unites States must identify cybersecurity risks in 5G.

The CISA (Cybersecurity & Infrastructure Security Agency) also issued some documents relating to the security of 5G.  Similarly, we are seeing a push for international standards and certain untrusted companies have had their products banned from use.  The Federal government is using regulations to limit the adoption of equipment that may contain vulnerabilities.

So, what is the solution?  The same as always.  Innovation.  Businesses are encouraged to develop trusted solutions and innovation in this space.  Advanced cybersecurity monitoring and protection by design will continue to be needed.

The Beckage Team of lawyers, who are also technologists, is well-versed in new and emerging technologies and works with clients to facilitate innovation through the use of IP protections.  We also assist companies in the implementation new technologies, like 5G, taking into consideration the cybersecurity, data privacy, and regulatory obstacles associated with their use.  From patent acquisition to policy drafting and review, Beckage attorneys are here to help your company capitalize on innovation.

*Attorney Advertising. Prior results do not guarantee future outcomes. 

Subscribe to our Newsletter

Medical Devices_ Narrowing the Information Security Threat SurfaceMedical Devices: Narrowing the Information Security Threat Surface

Medical Devices: Narrowing the Information Security Threat Surface

Data Security ,

With the ever-expanding technology ecosystems of organizations, including the proliferation of Wi-Fi-enabled technology and interconnected smart devices, it’s no surprise that cybersecurity risks have increased. With a similar expansion of internet-of-medical-things, medical devices are increasingly at the forefront of potential threats. Last June, the U.S. Food and Drug Administration warned patients and health care providers that certain insulin pumps were being recalled because of vulnerabilities that could allow an outsider to connect and change a nearby pump’s settings. Hackers themselves have been sounding the alarm about these kinds of potential attacks, but doctors, hospitals and manufacturers have been slow to respond, due to limited resources and limited understanding of the threats and risks.

Read More
How IoT Will Impact Data Security & Privacy For BusinessesHow IoT Will Impact Data Security & Privacy For Businesses

How IoT Will Impact Data Security & Privacy For Businesses

Data Security , , , ,

You’ve probably heard the buzz about the Internet of Things (IoT) – a suite of emerging technologies that promises great value to businesses, individuals and society. As broadband internet and Wi-Fi capable devices become more readily available, and reduced costs in technology supply chain fuel innovation, the number of IoT devices and applications is estimated to grow into the billions. What’s more, the nature and applicability of IoT is constantly evolving. According to the Government Accountability Office, IoT “can be used in almost any circumstance in which human activity or machine function can be enhanced by data collection or automation.” IoT is clearly the future, enabling new efficiencies and technological capabilities for businesses looking to grow and compete in a competitive marketplace. But before businesses jump into this next big thing, it’s critical to understand exactly what IoT is and how it will impact data security and privacy issues.  

Read More