The Connected Future | 5G Deployment challenges open the gateway to Hackers
Dr. Evangelo Damigos; PhD | Head of Digital Futures Research Desk
- Connected Intelligence
- Sustainable Growth and Tech Trends
Publication | Update: Mar 2020
The Connected Future | 5G Deployment challenges open the gateway to Hackers
The 5G benefits, like greater speeds and increased operational efficiencies, lead to more innovations and a significant change in how we do business.
But 5G also creates new opportunities for hackers.
According to Ericsson research, from a user perspective, 5G is inherently different to any of the previous mobile generations. Machine-type communication, enabled by 5G, is widely anticipated to become the strategic difference and unique selling point of 5G in the long run. 5G networks will serve as critical infrastructures to facilitate the digitization, automation and connectivity to machines, robots and transport solutions etc. Thus, there is significant value at stake and, so too, a significantly different tolerance for risk
Gartner Survey Reveals Two-Thirds of Organizations Intend to Deploy 5G by 2020
Gartner predicts that 66% of organizations will take advantage of these benefits and adopt 5G by 2020 — with 59% of them planning to use 5G to support the Internet of Things across their business.
Sixty-six percent of organizations have plans to deploy 5G by 2020, according to a new 5G use case and adoption survey by Gartner. Organizations expect 5G networks to be mainly used for Internet of Things (IoT) communications and video, with operational efficiency being the key driver.
To fully exploit 5G, a new network topology is required, including new network elements such as edge computing, core network slicing and radio network densification. “In the short to medium term, organizations wanting to leverage 5G for use cases such as IoT communications, video, control and automation, fixed wireless access and high-performance edge analytics cannot fully rely on 5G public infrastructure for delivery,” added Mr. Fabre.
Status of 5G Deployment
“In terms of 5G adoption, end-user organizations have clear demands and expectations for 5G use cases,” said Sylvain Fabre, senior research director at Gartner. “However, one major issue that 5G users face is the lack of readiness of Communications Service Providers (Csps). Their 5G networks are not available or capable enough for the needs of organizations.”
Gartner predicts that, by 2022, half of the CSPs that have completed commercial 5G deployments will fail to monetize their back-end technology infrastructure investments, due to systems not fully meeting 5G use case requirements. “Most CSPs will only achieve a complete end-to-end 5G infrastructure on their public networks during the 2025-to-2030 time frame — as they focus on 5G radio first, then core slicing and edge computing,” said Mr. Fabre.
Mr. Fabre added that this is because CSPs’ 5G public networks plans vary significantly in timing and scope. CSPs will initially focus on consumer broadband services, which may delay investments in edge computing and core slicing, which are much more relevant and valuable to 5G projects.
Gartner advises that, to meet the demands of businesses, technology product managers planning 5G infrastructure solutions should focus on 5G networks that offer not only 5G radio but also core slicing and edge computing infrastructure and services for private networks. CSPs alone may not fully satisfy the short-to-midterm demands of organizations that are keen to deploy 5G quickly.
“Private networks for enterprises will be the most direct option for businesses that want to benefit from 5G capabilities early on,” said Mr. Fabre. “These networks may be offered not only by CSPs but also directly by infrastructure vendors — and not just by the traditional large vendors of infrastructure, but also by suppliers with cloud and software backgrounds.”
Already, manufacturers including Nokia, Samsung, and Cisco have either started developing 5G enterprise solutions or have publicly announced plans to do so.
In the enterprise, full deployment of private 5G networks will take time, as it requires significant investments to upgrade legacy network infrastructures, observers say. In the meantime, there are instances of devices in the workplace already operating on a 5G network.
But using IoT devices without a private 5G network or adequate technical knowledge could put organizations' and their employees' privacy at risk.
"You absolutely have to have [5G security] on your radar right now," said Monique Becenti, channel and product specialist at cybersecurity provider SiteLock. It's also critical to have security measures in place for personal data.
"If you're using a mobile device for banking transactions you're leaving that susceptible to an attacker intercepting that data,'' she said. "With 5G, our main concern is with IoT innovations."
Often, developers face pressure to get software quickly to market so critical testing could be missed, Becenti said. "With 5G this isn't any different--especially in a market where security may not be top of mind."
She pointed out that the IoT devices market isn't regulated and therefore not required to meet certain security requirements, despite cyberattacks like the Mirai botnet in 2016 and 2018. "Devices are open right now and susceptible … so there are more potential entry points for attackers" that are scanning for open ports in the devices' software so they can deploy malicious bots and scripts.
Telecom provider Ericsson concurred, saying that it is imperative that IoT devices are secure from the start to protect personal data, business-sensitive information, and critical infrastructure.
5G expands cyber risks
There are five ways in which 5G networks are more susceptible to cyberattacks than their predecessors, according to the 2019 Brookings report, Why 5G requires new approaches to cybersecurity.
- The network has moved away from centralized, hardware-based switching to distributed, software-defined digital routing. Previous networks were hub-and-spoke designs in which everything came to hardware choke points where cyber hygiene could be practiced. In the 5G software defined network, however, that activity is pushed outward to a web of digital routers throughout the network, thus denying the potential for chokepoint inspection and control.
- 5G further complicates its cyber vulnerability by virtualizing in software higher-level network functions formerly performed by physical appliances. These activities are based on the common language of Internet Protocol and well-known operating systems. Whether used by nation-states or criminal actors, these standardized building block protocols and systems have proven to be valuable tools for those seeking to do ill.
- Even if it were possible to lock down the software vulnerabilities within the network, the network is also being managed by software—often early generation artificial intelligence—that itself can be vulnerable. An attacker that gains control of the software managing the networks can also control the network.
- The dramatic expansion of bandwidth that makes 5G possible creates additional avenues of attack. Physically, low-cost, short range, small-cell antennas deployed throughout urban areas become new hard targets. Functionally, these cell sites will use 5G’s Dynamic Spectrum Sharing capability in which multiple streams of information share the bandwidth in so-called “slices”—each slice with its own varying degree of cyber risk. When software allows the functions of the network to shift dynamically, cyber protection must also be dynamic rather than relying on a uniform lowest common denominator solution.
- Finally, of course, is the vulnerability created by attaching tens of billions of hackable smart devices (actually, little computers) to the network colloquially referred to as IoT. Plans are underway for a diverse and seemingly inexhaustible list of IoT-enabled activities, ranging from public safety things, to battlefield things, to medical things, to transportation things—all of which are both wonderful and uniquely vulnerable. In July, for instance, Microsoft reported that Russian hackers had penetrated run-of-the-mill IoT devices to gain access to networks. From there, hackers discovered further insecure IoT devices into which they could plant exploitation software.
To be sure, the new capabilities that will be made possible by applications on 5G networks hold tremendous promise, the Brookings report said. While the emphasis is on the connected future, at the same time there must be a strong focus on the security of those connections, devices, and applications, the report said.
Top Use Cases for 5G
IoT communications remains the most popular target use case for 5G, with 59 percent of the organizations surveyed expecting 5G-capable networks to be widely used for this purpose. The next most popular use case is video, which was chosen by 53 percent of the respondents.
“The figure for IoT communications is surprising, given that other proven and cost-effective alternatives, such as Narrowband IoT over 4G and low-power wide-area solutions, already exist for wireless IoT connectivity,” said Mr. Fabre. “However, 5G is uniquely positioned to deliver a high density of connected endpoints — up to 1 million sensors per square kilometer.”
“Additionally, 5G will potentially suit other subcategories of IoT that require very low latency. With regard to video, the use cases will be varied. From video analytics to collaboration, 5G’s speed and low latency will be well suited to supporting 4K and 8K HD video content,” added Mr. Fabre.
From the 5G network point of view, trust in IoT devices is based on trustworthiness of the device's hardware, software, and configuration, as well as the applications running on it, Ericsson said. It will also be defined by how well network operators and those who manage IoT devices govern:
- Identities and data
- Security and privacy
- Actor compliance with agreed security policies, end-to-end
For their part, businesses can enhance security by ensuring patches are applied in the form of software updates, Bencenti said. "They should also be properly testing these devices in QA [quality assurance] testing before they go to market, and ensure they close any open ports that lead to exposed entry points."
The lack of regulations for 5G security, "is why these attacks happen day in and day out" and is also the reason, "2019 was considered the worst year for cybercrime,'' Bencenti said.
"To build 5G on top of a weak cybersecurity foundation is to build on sand," the report said. "This is not just a matter of the safety of network users, it is a matter of national security."
"If nothing is done to regulate security behind this nothing will get better,'' she said. "So we can only communicate with consumers to tell them what best practices" they should follow, such as choosing strong, unique passwords and being aware of their cybersecurity posture.
Objectives and Study Scope
This study has assimilated knowledge and insight from business and subject-matter experts, and from a broad spectrum of market initiatives. Building on this research, the objectives of this market research report is to provide actionable intelligence on opportunities alongside the market size of various segments, as well as fact-based information on key factors influencing the market- growth drivers, industry-specific challenges and other critical issues in terms of detailed analysis and impact.
The report in its entirety provides a comprehensive overview of the current global condition, as well as notable opportunities and challenges.
The analysis reflects market size, latest trends, growth drivers, threats, opportunities, as well as key market segments. The study addresses market dynamics in several geographic segments along with market analysis for the current market environment and future scenario over the forecast period.
The report also segments the market into various categories based on the product, end user, application, type, and region.
The report also studies various growth drivers and restraints impacting the market, plus a comprehensive market and vendor landscape in addition to a SWOT analysis of the key players. This analysis also examines the competitive landscape within each market. Market factors are assessed by examining barriers to entry and market opportunities. Strategies adopted by key players including recent developments, new product launches, merger and acquisitions, and other insightful updates are provided.
Research Process & Methodology
We leverage extensive primary research, our contact database, knowledge of companies and industry relationships, patent and academic journal searches, and Institutes and University associate links to frame a strong visibility in the markets and technologies we cover.
We draw on available data sources and methods to profile developments. We use computerised data mining methods and analytical techniques, including cluster and regression modelling, to identify patterns from publicly available online information on enterprise web sites.
Historical, qualitative and quantitative information is obtained principally from confidential and proprietary sources, professional network, annual reports, investor relationship presentations, and expert interviews, about key factors, such as recent trends in industry performance and identify factors underlying those trends - drivers, restraints, opportunities, and challenges influencing the growth of the market, for both, the supply and demand sides.
In addition to our own desk research, various secondary sources, such as Hoovers, Dun & Bradstreet, Bloomberg BusinessWeek, Statista, are referred to identify key players in the industry, supply chain and market size, percentage shares, splits, and breakdowns into segments and subsegments with respect to individual growth trends, prospects, and contribution to the total market.
Research Portfolio Sources:
Global Business Reviews, Research Papers, Commentary & Strategy Reports
M&A and Risk Management | Regulation
The future outlook “forecast” is based on a set of statistical methods such as regression analysis, industry specific drivers as well as analyst evaluations, as well as analysis of the trends that influence economic outcomes and business decision making.
The Global Economic Model is covering the political environment, the macroeconomic environment, market opportunities, policy towards free enterprise and competition, policy towards foreign investment, foreign trade and exchange controls, taxes, financing, the labour market and infrastructure. We aim update our market forecast to include the latest market developments and trends.
Review of independent forecasts for the main macroeconomic variables by the following organizations provide a holistic overview of the range of alternative opinions:
As a result, the reported forecasts derive from different forecasters and may not represent the view of any one forecaster over the whole of the forecast period. These projections provide an indication of what is, in our view most likely to happen, not what it will definitely happen.
Short- and medium-term forecasts are based on a “demand-side” forecasting framework, under the assumption that supply adjusts to meet demand either directly through changes in output or through the depletion of inventories.
Long-term projections rely on a supply-side framework, in which output is determined by the availability of labour and capital equipment and the growth in productivity.
Long-term growth prospects, are impacted by factors including the workforce capabilities, the openness of the economy to trade, the legal framework, fiscal policy, the degree of government regulation.
Direct contribution to GDP
The method for calculating the direct contribution of an industry to GDP, is to measure its ‘gross value added’ (GVA); that is, to calculate the difference between the industry’s total pretax revenue and its total boughtin costs (costs excluding wages and salaries).
Forecasts of GDP growth: GDP = CN+IN+GS+NEX
GDP growth estimates take into account:
All relevant markets are quantified utilizing revenue figures for the forecast period. The Compound Annual Growth Rate (CAGR) within each segment is used to measure growth and to extrapolate data when figures are not publicly available.
Our market segments reflect major categories and subcategories of the global market, followed by an analysis of statistical data covering national spending and international trade relations and patterns. Market values reflect revenues paid by the final customer / end user to vendors and service providers either directly or through distribution channels, excluding VAT. Local currencies are converted to USD using the yearly average exchange rates of local currencies to the USD for the respective year as provided by the IMF World Economic Outlook Database.
Industry Life Cycle Market Phase
Market phase is determined using factors in the Industry Life Cycle model. The adapted market phase definitions are as follows:
The Global Economic Model
The Global Economic Model brings together macroeconomic and sectoral forecasts for quantifying the key relationships.
The model is a hybrid statistical model that uses macroeconomic variables and inter-industry linkages to forecast sectoral output. The model is used to forecast not just output, but prices, wages, employment and investment. The principal variables driving the industry model are the components of final demand, which directly or indirectly determine the demand facing each industry. However, other macroeconomic assumptions — in particular exchange rates, as well as world commodity prices — also enter into the equation, as well as other industry specific factors that have been or are expected to impact.
Forecasts of GDP growth per capita based on these factors can then be combined with demographic projections to give forecasts for overall GDP growth.
Wherever possible, publicly available data from ofﬁcial sources are used for the latest available year. Qualitative indicators are normalised (on the basis of: Normalised x = (x - Min(x)) / (Max(x) - Min(x)) where Min(x) and Max(x) are, the lowest and highest values for any given indicator respectively) and then aggregated across categories to enable an overall comparison. The normalised value is then transformed into a positive number on a scale of 0 to 100. The weighting assigned to each indicator can be changed to reﬂect different assumptions about their relative importance.
The principal explanatory variable in each industry’s output equation is the Total Demand variable, encompassing exogenous macroeconomic assumptions, consumer spending and investment, and intermediate demand for goods and services by sectors of the economy for use as inputs in the production of their own goods and services.
Elasticity measures the response of one economic variable to a change in another economic variable, whether the good or service is demanded as an input into a final product or whether it is the final product, and provides insight into the proportional impact of different economic actions and policy decisions.
Demand elasticities measure the change in the quantity demanded of a particular good or service as a result of changes to other economic variables, such as its own price, the price of competing or complementary goods and services, income levels, taxes.
Demand elasticities can be influenced by several factors. Each of these factors, along with the specific characteristics of the product, will interact to determine its overall responsiveness of demand to changes in prices and incomes.
The individual characteristics of a good or service will have an impact, but there are also a number of general factors that will typically affect the sensitivity of demand, such as the availability of substitutes, whereby the elasticity is typically higher the greater the number of available substitutes, as consumers can easily switch between different products.
The degree of necessity. Luxury products and habit forming ones, typically have a higher elasticity.
Proportion of the budget consumed by the item. Products that consume a large portion of the consumer’s budget tend to have greater elasticity.
Elasticities tend to be greater over the long run because consumers have more time to adjust their behaviour.
Finally, if the product or service is an input into a final product then the price elasticity will depend on the price elasticity of the final product, its cost share in the production costs, and the availability of substitutes for that good or service.
Prices are also forecast using an input-output framework. Input costs have two components; labour costs are driven by wages, while intermediate costs are computed as an input-output weighted aggregate of input sectors’ prices. Employment is a function of output and real sectoral wages, that are forecast as a function of whole economy growth in wages. Investment is forecast as a function of output and aggregate level business investment.