By Sarosh Bana, Mumbai Correspondent.
When hundreds of flights to and from American airports were cancelled and thousands of air passengers left stranded following the rollout of the fifth-generation, or 5G, wireless services across the United States last week, fears arose about the potential of misuse of such a potent technology.
The new 5G networks, which have a spectrum of 3.7 to 3.98 GHz known as the C-band, can interfere with the adjacent operating frequencies of 4.2 to 4.4 GHz of the radio altimeters on planes that measure their elevation by beaming electromagnetic pulses and listening for their reflected signals.
The cyber term for frequency interference is hacking, and one liability that needs to be addressed is whether the 5G technology lends itself to be weaponised by malicious actors and terrorists. If 5G networks can jeopardise flights and disrupt services so completely on a mass scale, could they also be leveraged to simplify and facilitate terrorism?
It is pertinent to consider this aspect as 5G gets adopted more widely across the world.
Warning that 5G networks “will be an attractive target for criminals and foreign adversaries to exploit for valuable information and intelligence”, a study last year reveals that their rollout introduces significant risks that threaten economic security, and other global interests.
The study, Potential Threat Vectors to 5G Infrastructure, was conducted by the US’s Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), and the Office of the Director of National Intelligence.
Undoubtedly, 5G technology represents a complete transformation of telecommunication networks, introducing a vast array of new connections, capabilities, and services, advancements that will provide the connection for billions of devices and pave the way for applications that will enable new innovation, new markets, and economic growth around the world. However, while the transition to 5G presents a wealth of opportunities and capabilities, it also introduces “significant risks that threaten national security, economic security, and impact other national and global interests”, the study indicates.
5G system architectures are being designed and developed to meet increasing data, capacity, and communications requirements, and although 5G component manufacturers and service providers are enhancing security through technology improvements, both legacy and new vulnerabilities may be exploited by malicious actors. Also, 5G networks will use more ICT components than previous generations of wireless networks, which could provide malicious actors with other vectors to intercept, manipulate, disrupt, and destroy critical data.
“The increased capacity of 5G facilitates the proliferation of the Internet of Things (IoT), which adds numerous and potentially less secure devices into the 5G network,” finds the study. “This increased diversity of components can lead to complexity within the 5G architecture and may introduce unforeseen, overall system weaknesses or vulnerabilities.”
As new 5G components and technologies are developed and deployed, new weaknesses will emerge. Future 5G systems architecture, such as software defined networking, cloud native infrastructure, network slicing, and edge computing, may enhance attack surfaces for malicious actors to exploit. The overlay of 4G legacy and 5G architectures, for instance, could provide the opportunity for a malicious actor to carry out a downgrade attack, where a user on a 5G network could be forced to use 4G, thereby allowing the malicious actor to exploit known 4G vulnerabilities. Such threats and vulnerabilities could adversely affect organisations and users.
The implications of 5G came to the fore when then US President Donald Trump in 2018 signed an executive order that prohibited China’s giant telecommunications equipment maker Huawei from selling telecom gear in the United States. Under Trump, US-China relations were torn to shreds, primarily because of his view of China as a direct national security threat, and of Huawei as a Chinese surveillance company with ties to the military that would pose a grave risk to American communications networks.
Washington’s placement of Huawei on an entities list forced even American companies to obtain a special licence to sell products and services to Huawei, while the Commerce Department, in turn, made efforts to block even foreign companies from working with the Chinese firm.
With Trump and his advisors bent on finishing off Huawei, the once colossal 5G titan with $100 billion in global sales found it difficult to survive.
The American broadside continued when last November, President Joe Biden signed a law, the Secure Equipment Act of 2021, that banned Chinese tech companies like Huawei and ZTE from getting approval for network equipment licences in the US. “The presence of these insecure devices in our networks is the threat, not the source of funding used to purchase them,” said Federal Communications Commission (FCC) Commissioner Brendan Carr.
Strengthening networks can also threaten key bandwidths, as those of the military where bandwith is particularly critical as it facilitates communications capacity. Armed forces across the world function on strategic bandwidths allocated to them, and their demand for communications capacities is ever on the rise. As the services transition to new force structures that are knowledge-based and network-centric, with increasing communications-on-the-move and interoperability, they require high bandwidth to support augmented capacities, high volume data exchanges, and high assurance of connectivity.
Any breach of such military networks can expose men and material to high risk and gravely undermine security.
An October report on ‘China, 5G, and NATO Security’ by the Washington-headquartered German Marshall Fund of the United States sees strong, modern telecommunications infrastructure capable of intercepting and withstanding hybrid interference as a prerequisite for NATO to deliver on its key mission of collective defence. The report notes that this infrastructure in Europe is, however, largely privately owned, and as such is left exposed to the risk of external interference and susceptible to economic decisions that can neglect national security aspects if not clearly regulated by law.
“Russia is no longer the only state actor resorting to various types of hybrid tactics on NATO territory: China, too, has been using various sophisticated political and non-military tactics to advance its political and economic influence,” mentions the report. “In the face of these existing threats, it is imperative for NATO and the EU to delineate their scope of action, especially in instances—such as telecommunications—where the line between civil and military infrastructure is not clearly marked.”
Developments in the 5G sphere compel a multinational effort to heighten supply chain and network security in both the civilian and military realms. Preventing disaster will be preferable to fighting it.
