5G is well on its way to becoming a reality for carrier customers and others in a commercial sense, but former FCC chairman Tom Wheeler thinks that the big players in the space are not paying enough attention to security. The nascent technology threatens, even promises, to encroach into every facet of daily life, making its security of the utmost priority.
According to Wheeler, current security pushes concerning 5G, including blocking prominent Chinese players from the American scene for security reasons, simply aren't enough. This is due, in part, to the very nature of the innovations that 5G is set to enable. Self-driving cars, for instance, are reportedly projected to one day use as much mobile data in a single day of driving as three thousand people would use on current smartphones.
Background: Wheeler says that the current internet structure is a one-way street, or a series thereof, and is essentially turn-based. Data is created at one point, brought to another point, and in some cases, more data is generated at the other end and sent back. This may be enough to keep up with human input, game downloads, and the like, but 5G use cases will be vastly different, and thus harder to fully secure.
5G will enable hundreds or even thousands of concurrent connections in parallel from the same device in the same use case. Going back to the example of the self-driving car, it's a device that has hundreds of sensors that are all talking to both an internal computer and a cloud consciousness of sorts, all at the same time. With many other units connected to the very same session, there's a lot to keep track of.
Consequently, there are tons of potential entry points for would-be hackers, and unless somebody creates some kind of blanket security for the entire scheme, each point will need its own security. That stands in stark contrast to current connection schemes, wherein simply encrypting the data going across both channels and making sure there are no leaks or major vulnerabilities is usually good enough.
The Trump Administration and its appointed FCC, shorty after taking office, not only wiped out net neutrality rules, but also took a number of protective requirements for the forthcoming 5G standard off the books. This was set to be the first time in history that those creating a new networking standard were compelled to include security in the design. That elimination was made and kept despite the administration being advised that poor cybersecurity was an "existential threat" to the future of the United States.
Impact: Wheeler's writing may reach somebody in a position of power and make them want to investigate the security of 5G and the implications of leaving things as they are, but that's not entirely likely. Wheeler leaves off with a scathing comment, calling on the recently swung Congress changed in the midterm elections to "use its oversight power to explore just why the administration has failed to protect against that risk…"
What Wheeler is pointing out and calling for in this article may well be vital to the safe and effective rollout of 5G and related technologies. Without security built into the standard, it's up to network equipment makers, consumer device makers, and the internet service providers who will be bringing those things together to implement adequate security measures.