The buzz around 5G is reaching a fevered pitch – barely a day goes by where it isn’t in the news. 5G is often related to data capacity, high speed, low latency and lower power consumption.
The Ericsson Mobility Report 2020 shows how the impact of COVID-19 has led to the network’s crucial role in society. The report expects the global number of 5G subscriptions to top 2.8 billion by the end of 2025. 5G is expected to represent around 18% of mobile subscriptions by end of 2025 in India.
It also states that in India, the projected value of the 5G-enabled digitalisation revenues will be approximately $17 billion by 2030. With 5G being a platform for innovation it will enable the development of new services for consumers, enterprises, and industry, including large-scale IoT use cases.
But what exactly is 5G?
According to Dorothy Stanley, IEEE Member and Chair – IEEE 802.11 Working Group, there’s confusion over the term ‘5G’ being used to refer to several ideas interchangeably.
“Is 5G a vision? A set of services and data rates that are a goal to be accomplished, requiring multiple technologies? Or something that’s tied only to cellular carriers and what they can deliver?” asks Stanley.
Some experts including IEEE Member’s Babak Beheshti are most focused on the mixed nature of the technology.
Beheshti, an Interim Dean at the College of Engineering and Computing Sciences, New York Institute of Technology says, The very design philosophy of 5G is based on network heterogeneity. This means that the network can be a combination of technologies such as Wi-Fi and LTE.”
Therefore, what 5G means depends on the context of the discussion, but it’s likely to include a combination of technologies. This heterogeneity makes security more complex. However, there are already some exciting developments in the pipeline for 5G and IoT device security.
“According to T-Mobile US, 4G information being carried across mobile networks was not always encrypted. In 5G, end-to-end encryption is intended to provide much stronger safeguards for data privacy,” says Beheshti.
That will be coupled with a globally unique subscriber permanent identifier (SUPI) for each user. “The SUPI is never broadcast over the air during connection establishment for a mobile device, which can help prevent the hijacking of a mobile’s identity. 3G and 4G networks are inferior in this respect,” explains Beheshti.
For Stanley, top of mind is the latest security solution, Wi-Fi CERTIFIED Easy Connect. “You scan the QR code, and that bootstraps a protocol exchange that gets you on the network securely. So your traffic over the wireless link will not be snipped.”
Since IoT devices don’t often have robust user interfaces. Using a QR code lets manufacturers create security protocols that can be operated without the use of a keyboard.
“The QR code is just a way to encode data. Basically, you’re encoding a public key that can be used to establish and bootstrap trust. Only the peer device that has the private key can decode that,” says Beheshti.
So upcoming security technologies are promising.
What can consumers do to make sure their current IoT setups are secure?
“Consumers should use the ‘guest’ network of their home Wi-Fi routers as a dedicated network for IoT devices. So if one of those devices were compromised, the threat actor can’t easily pivot to more valuable data,” says Kayne McGladrey, IEEE Member and Director of Security and Information Technology – Pensar Development.
That’s the case for newer devices according to McGladrey. “For older, cheap, IP-based security cameras and digital video recorders (DVRs), the easiest way to secure them is to recycle them responsibly as there often are no security updates available,” he says.
The ability to update devices over their lifetime is essential to security and should factor into buying decisions, he adds.
Endorsing McGladrey’s viewpoint, IEEE Senior Member and Hohai University professor Han Guangjie asks to check and update the IoT device firmware.
“If IoT devices have exploitable vulnerabilities, manufacturers often identify and fix problems before the hacker can access the device’s environment,” adds Guangjie.