The noise about lightning-fast 5G has made a buzz for years now. And even though 3G and 4G are not completely present across the US, 5G is slowly making its way and is emerging across the country. And with speed, the network is projected to offer increased security and privacy protection to users, as the wireless industry makes efforts to improve the defense mechanism for 3G and 4G.
When researchers talk about 5G, they mention that the network is bound to come with major improvements, but there still is scope for some flaws.
Features such as anti-tracking and spoofing make the 5G network a tougher target for threat actors to track and manipulate as 5G encrypts more data for better security. Additionally, the fact that 5G is more of a cloud software system compared to the older wireless networks, it is easier to monitor and spot possible threats.
Ravishankar Borgaonkar, a Research Scientist at SINTEF Digital, says, “5G has really good promise for security.” He adds, “Encrypting identifiers is a really good thing, and network slicing is a network paradigm shift. But there are still other ways that users can be tracked, and there are questions about how to guarantee the trustworthiness of the [5G] software. So, there’s always room for improvement.”
Further research by Borgaonkar and the team points several other security shortcomings in 5G to the mobile trade group GSMA. The majority of the findings focus on the fact that users can still be tracked by making use of information that remains unencrypted and is transmitted or leaked due to a flaw in the standard that allows fake base station attacks with devices called stingrays.
Amy Lemberger Cybersecurity Director, GSMA, says, “GSMA has been getting the industry ready for 5G, working on the security technology that underpins the standards which define the new secure-by-design 5G technologies.” She adds, “5G Security Taskforce” has been bringing mobile operators and vendors together so they can coordinate proactively on issues like network slicing requirements and 5G fraud models.”