Latest Cybersecurity & Law Update: 5G Enabled BotNet Attack - How Organizations Can Defend and Mitig
“As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace.” - Newton Lee
“By some estimates, cybercrime is expected to globally cost up to $6 trillion annually. Losses of this scale put the incentives for innovation and investment at risk and will be more profitable than the global trade of all illegal drugs combined” - David Kennedy
Our civilization is addicted to the internet. Spurred by this addiction, mass 5G adoption is inevitable. Despite the infinite potential that 5G can bring to the human race (ranging from e-health, smart vehicles all the way to powering smart cities), it is also expected that cybercriminals will exploit 5G.
Notable among the expected 5G-based threats is the 5G-powered botnet attack. In this scenario, it is expected that cybercriminals will leverage their unprecedented reach across the number of connected devices, divide the hijacked devices into subgroups with specialized skills, and in turn harness that power to attack and overwhelm the defences of a single target.
Cybercriminals can target networks and/or devices as an integrated system and share intelligence in real time to refine their attack as it is happening. This effect is amplified where the target is a particular organization, where enhanced 5G computing power may hijack all devices within that particular organization’s network to cause unimaginable damage.
After all, swarm technologies need large amounts of processing power to enable individual swarmbots and to share information efficiently within a bot swarm, and 5G together with weak network protection protocols will enable just such attacks. The result is that a 5G swarm will allow its operators (e.g. the cybercriminals) to rapidly discover, share and correlate vulnerabilities and then switch their attack methods to better exploit the vulnerabilities that they discover. It is expected that most organizations will not have defences ready to defend against such attacks.
How to Prepare Your Organization
Notwithstanding the aforementioned destructive potential, organizations should be mindful of the following:
1. Observe and orient: It is crucial for the IT staff of organizations to understand the nature of 5G technology early, in order to know how it works, recognize threats and plan contingent actions. This is especially true for multi-national organizations, which need to know where their technology vulnerabilities are and take action. In Hong Kong, where financial institutions store any of their clients' information in a soft setting, they are expected to take adequate action to secure their data.
2. Internal Control is Essential: Defence in depth is a must. Organizations must have established IT internal control procedures and contingency plans, with automated steps setting out what action is required in the event of an attack.
3. Balance: Whilst internal control is necessary, it is imperative that such manuals are not so burdensome to the front lines that they negate any positive impact that 5G technology may have for an organization.
4. Know thyself: Whilst many pay lip service to the benefits that 5G will offer organizations, proper planning requires each and every organization to know and consider the following issues during the course of technological adoption:
(i) What is the role of 5G adoption in your organization's business adaptation, and how will it benefit your organization in a business setting?
(ii) Does the 5G technology that your organization wishes to adopt have any built-in security features to protect its users, and are such features adequate? How will vulnerabilities be addressed?
(iii) What additional layers of security might be employed after adoption? How can you insulate exposed areas from the rest of your organization's value chain in order to minimize potential disruption?
5. Converged Network Security: Converging networking and security creates a security strategy that is highly flexible and adaptive. Three critical features of effective converged network security are:
(i) Controlled Access. This can be achieved via:
a. Authentication or detection of all devices attached to the network;
b. Controlled authorization of devices attached to a network; and
c. Policy association once (i) authentication and (ii) authorization occur.
(ii) Protect devices and applications. Vulnerable applications can lead to real-world consequences (hackers have already found ways to exploit wearable accessories). The second element is therefore proactive protection of the devices and applications in use. Three elements of such protection are:
a. Define an acceptable-use policy for the network;
b. Ability to protect devices from other protocols; and
c. Apply proper service definition.
(iii) As with all protection policies, it is not complete without a response plan, the key elements of which should include:
a. Detection of attacks (know when and how to act that way);
b. Ability to communicate such incoming attack (to trigger a response); and
c. Alter the behaviour of the network to seal off weaknesses.
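The three features above can be seen working together in a small admission-and-response model. This is an added example, not part of the original article; the device names, credentials, segment names and the fan-out threshold are all constructed assumptions.

```python
import hmac
from dataclasses import dataclass, field

# Constructed inventory: device id -> (shared credential, role). Hypothetical values.
INVENTORY = {
    "cam-01": ("k-cam-01", "iot"),
    "hr-laptop-7": ("k-hr-7", "staff"),
}
# Policy association: role -> network segment and permitted destination ports.
POLICIES = {
    "iot": {"segment": "vlan-iot", "ports": {443}},
    "staff": {"segment": "vlan-corp", "ports": {53, 80, 443}},
}
QUARANTINE = {"segment": "vlan-quarantine", "ports": set()}
FANOUT_LIMIT = 20  # assumed threshold: distinct destinations per observation window

@dataclass
class Network:
    sessions: dict = field(default_factory=dict)  # device id -> active policy
    alerts: list = field(default_factory=list)    # (device, denied flows, fan-out)

    def admit(self, device_id, credential):
        """(i) Authenticate the device, authorize its role, associate a policy."""
        entry = INVENTORY.get(device_id)
        if entry is None or not hmac.compare_digest(entry[0], credential):
            return None                    # unknown device or wrong credential
        policy = POLICIES.get(entry[1])
        if policy is None:
            return None                    # authenticated, but role not authorized
        self.sessions[device_id] = policy
        return policy["segment"]

    def allowed(self, device_id, port):
        """(ii) Enforce the service definition attached to the device."""
        policy = self.sessions.get(device_id)
        return policy is not None and port in policy["ports"]

    def observe(self, device_id, flows):
        """(iii) Detect, communicate the attack, and alter the network."""
        denied = [f for f in flows if not self.allowed(device_id, f[1])]
        fanout = len({dst for dst, _ in flows})
        if denied or fanout > FANOUT_LIMIT:
            self.alerts.append((device_id, len(denied), fanout))  # communicate
            self.sessions[device_id] = QUARANTINE                 # seal off
            return "quarantined"
        return "ok"
```

Each flow passed to `observe` is a `(destination, port)` pair; a device that breaks its service definition or contacts too many destinations is moved to the quarantine policy and loses all permitted ports.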
The introduction of ever more sophisticated technology will result in ever more sophisticated threats. Organizations must be on guard and be prepared to deal with such threats. After all, it is a life and death situation for the organization (and its management) if and when it happens!