Much has been said about the advantages of the 5th generation of mobile networks, the 5G, which technically brings in exponentially higher traffic speeds and much more flexibility in services provided. These benefits, however, come at the expense of security. Statistics already show that half of European citizens feel threatened, 70% of companies have minimal knowledge about the risks, and 80% of European companies have faced at least one cybersecurity incident in the last year. Recently, over 200 cybersecurity experts met in Bucharest at an annual international conference organized by the National Center for Cybersecurity Incident Response to talk about 5G security and cybercrime. With the prospect of 5G networks being implemented starting next year, important steps have already been made towards applying European provisions in strategic areas, such as energy, transportation, banking, health, utilities, and digital infrastructure. In these areas, 5G will provide significant advantages, but will increase cybersecurity risks. The director of the National Center for Cybersecurity Incident Response, Catalin Arama, told us:
“We will definitely have 5G technology, just like the rest of Europe and the world. Technology development and adopting new technologies is a one way street, in fact 5G technology comes in support of this process of digitalization – it offers very high speeds and a much higher number of connections. Which means that equipment all around will be connected to the Internet in higher numbers, at much higher speeds, which actually increases the risk of cyberattacks, and creates facilities for attackers, because they can gain control to our equipment much faster, in a much shorter time, and the quantity of data they can steal or alter is much higher too.”
Experts point out that any vulnerability in 5G networks can be exploited to compromise both digital infrastructure and the devices connected to it, with the risk of grave damage. Major attacks have already occurred, interfering with energy systems in Ukraine, in 2015, as well as Venezuela, in 2019, when hundreds of thousands were left without power. This year, the transportation infrastructure in the US was attacked, affecting the transportation computer system in San Francisco. In Estonia, in 2007, bank transfers were blocked, and people could not withdraw money at ATMs. In the UK, in 2017, doctors could not operate patients because their databases were encrypted. According to CERT-RO director Catalin Arama, there is an increasing risk of cyberattacks, but there are ways to defend:
“We have to join a new stage in cybersecurity. Equipment has to be carefully checked before connecting to networks. Which is why there is talk at the European level of standardizing this sector, imposing security measures right from the design stage, which I think will lessen the vulnerability brought on by these new solutions and technologies. Transfer speeds and the large number of devices surrounding us only encourage attacks. Which is why risks are so much higher.”
At the European level, the issue of 5G associated risks is a major one, with a set of measures in the works to counteract this threat. The head of the EC Representative Office in Bucharest, Stefan Turcu:
“The European Union Agency for Cybersecurity will finalize a charting of threats specific to 5G networks. At the same time, by the end of this year the cooperation group should come up with a set of measures to reduce these risks, and, by the autumn of next year, in cooperation with the Commission, member states should have ready an evaluation of the effects of these recommendations, to establish if further action is necessary.”
This is highly needed, because the risks are not only personal, they can affect national security, in a world where propaganda is an increased risk globally.