Latest insights from the Economist Intelligence Unit’s Global Barometer show that 41% of execs think 5G is now less important than it was before the pandemic. There are numerous reasons why this could be the case, one being that 4G and home broadband has been proven to be up to the job of supporting home working. 

There’s also no escaping the headlines that surround 5G and political espionage. They read like a script from House of Cards. Presidents, prime ministers, heads of foreign intelligence services and global corporate leaders, providing the colorful characters that are essential in any good political drama. It could well have made some organizations rethink their plans for adopting 5G enabled technologies and wait until there can be more assurances on security.

New technologies 

The latest edict by the UK government is a pretty clear statement. It has promoted many industry insiders to say that it will take years to exchange kit, possibly even a decade for some operators, as they take on the heavy lifting of removing core network components and finding alternative suppliers. The financial impact is huge: operators will have to find additional budget to purchase the kit, conduct validation and integration testing, overhaul their service wrap around offers and factor in the time and cost of retraining employees on new technology. 

Achieve new ambitions related to driverless cars

Despite all this, many carriers have made very public statements that they will progress with 5G as planned, some are even accelerating plans. The insight available to them confirms that there is still a good proportion of businesses and pubic bodies that see its value. It’s a way to propel smart city development and connectivity, and to achieve new ambitions related to driverless cars, and highly automated manufacturing for example. 5G therefore remains a rolling stone and regardless of the core network kit, security needs to be designed in, not bolted on, at every step of network and application design and build.

New rules for working

The pandemic has shaken up how we live and work. It has brought home the necessity for ultra-fast, affordable and agile communications everywhere. It’s also proved a fertile hunting ground for scammers keen to exploit the public’s thirst for up to the minute news. Click bait has been rife and it still forms one of the most effective ways to distribute malware and ransomware.

Unprotected VPNs have added to the risks, as companies scrambled to roll out remote access at mass scale. It overburdened their security infrastructure and created vulnerabilities all in the name of getting home working ramped up quickly. Some companies have learnt the hard way that maintaining patches on software and keeping on top of the security education their employees receive is vital to protect operations from attack.

Rural vs urban working

The move to home working has also brought to light discrepancies in speed and access to communications, reigniting the rural versus city investment debate.

We’ve seen some companies say that employees can now work anywhere, and others downsize their office footprints. This is opening the door for people to swap city living and commutes for more rural locations.

5G roll out plans typically focus on large cities and towns, but is this still the right strategy? I’d suggest that operators need to step back and look at the larger global trends and update their plans.

Connected cows and beyond

For example, farming and the environment has to be a planning priority now. To meet the needs of a predicted 9 billion people in 2050, farming supply will need to increase by 50%. COVID-19 has brought into sharp focus how precarious the global food supply chain is. In addition, this increase needs to be met with technology to make agriculture more efficient in order to preserve the world’s natural resources while meeting these goals.

COVID-19 has brought into sharp focus how precarious the global food supply chain is

The vision of the ‘connected cows’ is mooted as a way to solve global food security. As such, farming and the environment are set to gain greatly from technologies and applications enabled by 5G Internet of Things (IoT). But the benefits will only be realised if the connectivity and security is in place.

The vast network of IoT sensors that will be used to improve farming inefficiencies, increase welfare standards and reporting, as well as efficiently manage food manufacturing will generate an abundance of data.

Highly sensitive data

This data will range from highly sensitive sets related to pricing and employees, critical data related to yield management and compliance, to more transactional weather and water sensor data. Ensuring continuity will be essential to not just farming productivity and meeting standards, but also protecting IP or personal information throughout the supply chain and preventing a cyberwar intended to starve people.

Corporate espionage is a very real threat to manufacturing at the moment, and as farming becomes more connected, it’s expected this threat will extend as far as the farmyard. Not only that, protests against government handling of policies related to food poverty or overproduction could be done using ‘hacktivism’. It’s easy to buy a hack these days and start an online attack to make your point. So, as farming adopts technology models we usually see in the corporate world of pharma and finance, it too may become a target.

Healthcare goes truly national

The much talked of vision for the virtual GP accelerated in the pandemic, helping people see a GP without leaving the house.

Governments have had a very real glimpse into the importance of connected healthcare in terms of saving money and time. There is now a greater likelihood that nursing teams will be given mobile devices that can access and update patient records in real-time, GPs will scale down consultation space in favour of online appointments, and prescriptions will be automatically filled and delivered at the click of a button. Comprehensive 5G networks can help make more of this happen particularly in remote areas where health care is scarce, of that there is no doubt, and this is before we get into the exciting prospect of remote brain surgery that 5G can facilitate.

The pandemic also exposed the precarious nature of online healthcare

But the pandemic also exposed the precarious nature of online healthcare. Patient data remains a sitting duck, as illustrated perfectly by breaches we saw across the world both in public and private delivery. At its very worst, nation state attacks pose a significant threat to public health and it’s essential there is local and global collaboration to ensure data is protected.

This threat won’t wane. In fact, it is increasing as we drive more innovation and connectivity. Security experts have their work cut out. But it’s not impossible to achieve secure networks and applications, so long as we don’t put profit before people.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Michael O'Malley Vice President of Marketing, Radware

In case you missed it

Water Plant Attack Emphasizes Cyber’s Impact On Physical Security
Water Plant Attack Emphasizes Cyber’s Impact On Physical Security

At an Oldsmar, Fla., water treatment facility on Feb. 5, an operator watched a computer screen as someone remotely accessed the system monitoring the water supply and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. The chemical, also known as lye, is used in small concentrations to control acidity in the water. In larger concentrations, the compound is poisonous – the same corrosive chemical used to eat away at clogged drains. The impact of cybersecurity attacks The incident is the latest example of how cybersecurity attacks can translate into real-world, physical security consequences – even deadly ones.Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. The computer system was set up to allow remote access only to authorized users. The source of the unauthorized access is unknown. However, the attacker was only in the system for 3 to 5 minutes, and an operator corrected the concentration back to 100 parts per million soon after. It would have taken a day or more for contaminated water to enter the system. In the end, the city’s water supply was not affected. There were other safeguards in place that would have prevented contaminated water from entering the city’s water supply, which serves around 15,000 residents. The remote access used for the attack was disabled pending an investigation by the FBI, Secret Service and Pinellas County Sheriff’s Office. On Feb. 2, a compilation of breached usernames and passwords, known as COMB for “Compilation of Many Breaches,” was leaked online. COMB contains 3.2 billion unique email/password pairs. It was later discovered that the breach included the credentials for the Oldsmar water plant. Water plant attacks feared for years Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. Florida’s Sen. Marco Rubio tweeted that the attempt to poison the water supply should be treated as a “matter of national security.” “The incident at the Oldsmar water treatment plant is a reminder that our nation’s critical infrastructure is continually at risk; not only from nation-state attackers, but also from malicious actors with unknown motives and goals,” comments Mieng Lim, VP of Product Management at Digital Defense Inc., a provider of vulnerability management and threat assessment solutions.The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online “Our dependency on critical infrastructure – power grids, utilities, water supplies, communications, financial services, emergency services, etc. – on a daily basis emphasizes the need to ensure the systems are defended against any adversary,” Mieng Lim adds. “Proactive security measures are crucial to safeguard critical infrastructure systems when perimeter defenses have been compromised or circumvented. We have to get back to the basics – re-evaluate and rebuild security protections from the ground up.” "This event reinforces the increasing need to authenticate not only users, but the devices and machine identities that are authorized to connect to an organization's network,” adds Chris Hickman, Chief Security Officer at digital identity security vendor Keyfactor. “If your only line of protection is user authentication, it will be compromised. It's not necessarily about who connects to the system, but what that user can access once they're inside. "If the network could have authenticated the validity of the device connecting to the network, the connection would have failed because hackers rarely have possession of authorized devices. This and other cases of hijacked user credentials can be limited or mitigated if devices are issued strong, crypto-derived, unique credentials like a digital certificate. In this case, it looks like the network had trust in the user credential but not in the validity of the device itself. Unfortunately, this kind of scenario is what can happen when zero trust is your end state, not your beginning point." “The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online for the first time as part of digital transformation projects,” says Gareth Williams, Vice President - Secure Communications & Information Systems, Thales UK. “While the move towards greater automation and connected switches and control systems brings unprecedented opportunities, it is not without risk, as anything that is brought online immediately becomes a target to be hacked.” Operational technology to mitigate attacks Williams advises organizations to approach Operational Technology as its own entity and put in place procedures that mitigate against the impact of an attack that could ultimately cost lives. This means understanding what is connected, who has access to it and what else might be at risk should that system be compromised, he says. “Once that is established, they can secure access through protocols like access management and fail-safe systems.”  “The cyberattack against the water supply in Oldsmar should come as a wakeup call,” says Saryu Nayyar, CEO, Gurucul.  “Cybersecurity professionals have been talking about infrastructure vulnerabilities for years, detailing the potential for attacks like this, and this is a near perfect example of what we have been warning about,” she says.  Although this attack was not successful, there is little doubt a skilled attacker could execute a similar infrastructure attack with more destructive results, says Nayyar. Organizations tasked with operating and protecting critical public infrastructure must assume the worst and take more serious measures to protect their environments, she advises. Fortunately, there were backup systems in place in Oldsmar. What could have been a tragedy instead became a cautionary tale. Both physical security and cybersecurity professionals should pay attention.

What Are The Positive And Negative Effects Of COVID-19 To Security?
What Are The Positive And Negative Effects Of COVID-19 To Security?

The COVID-19 global pandemic had a life-changing impact on all of us in 2020, including a multi-faceted jolt on the physical security industry. With the benefit of hindsight, we can now see more clearly the exact nature and extent of that impact. And it’s not over yet: The pandemic will continue to be top-of-mind in 2021. We asked this week’s Expert Panel Roundtable: What have been the positive and negative effects of Covid-19 on the physical security industry in 2020? What impact will it have on 2021?

Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More
Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.