The growing pace of digital transformation across industries has resulted in a concomitant increase in the number of devices connected to the internet. While this has opened up new use cases for the enterprises, it has also made their IT infrastructure more vulnerable to cyberattacks. The Covid-19 pandemic has exacerbated these cybersecurity challenges, with remote working emerging as the preferred operating model at most organisations. According to industry estimates, the personal data of over half a million videoconferencing users around the world was stolen between February 2020 and May 2020. As per the Indian Computer Emergency Response Team, India witnessed 1,158,208 and 1,402,809 incidents of cyberthreats in 2020 and 2021 respectively, against 394,499 incidents in the pre-pandemic year 2019.
A single weak link in the digital ecosystem can allow hackers and cybercriminals to gain access to the entire database, with serious implications. For instance, a flawed security framework in government departments can lead to the leakage of sensitive government documents and tampering with official records.
With the reliance on digital tools for streamlining operations and automating manual processes set to increase considerably in the next few years, it has become extremely necessary for enterprises, operators and equipment vendors to put in place strong safeguards for protecting the IT infrastructure from cyberattacks.
Cybersecurity concerns in an increasingly digital world
Concerns around security and privacy have emerged as the major obstacles to large-scale deployment of next-generation technologies such as internet of things (IoT), cloud computing, virtualisation and 5G.
Some of the cybersecurity risks associated with the deployment of 5G services stem from the nature of the network itself, while others involve the devices that would be connected through 5G. Because of limited bandwidths and speeds, the current generation of cellular networks has allowed telecom operators to monitor security threats in real time. However, the blazingly high bandwidth and the consequent increase in data traffic associated with 5G mean that security teams will have to deploy additional workforce and solutions to guard 5G networks.
Further, most telecom operators have either rolled out or are rolling out their 5G services based on an existing long-term evolution (LTE) network core. As a result, these networks inherit all the vulnerabilities of LTE networks, according to a report by GSM Association. Since almost all the LTE networks are vulnerable to denial of service (DoS) attacks, the 5G non-standalone networks will also be vulnerable to DoS.
Furthermore, the 5G network core is based on software-defined networking (SDN) and network function virtualisation (NFV) technologies. While virtualisation makes the deployment of 5G networks simpler, quicker and more flexible, replacing dedicated hardware with software-defined systems makes mobile networks more vulnerable to attacks. Both SDN and NFV rely extensively on the hypertext transfer and representational state transfer protocols. The fact that these protocols are well known and widely used on the internet will probably make it easier for hackers to find tools for detecting and exploiting vulnerabilities in 5G networks. Moreover, compared to 3G and 4G, 5G has far more traffic routing points, making it difficult to perform thorough security checks repeatedly. In order to ensure complete security, all of these routing points will have to be monitored, as even a single unsecured area might compromise the entire network.
The proliferation of IoT devices in areas such as industrial monitoring systems, smart cities and smart transportation infrastructure has also generated new cyberthreats for the industries adopting them. This is because the behaviour of IoT devices varies greatly. For instance, while sensors communicate and exchange data periodically regardless of the time of day, and may remain entirely stationary for a large span of time, devices in other segments such as driverless vehicles are constantly moving. Further, lack of encryption standards across IoT devices has made it easier for hackers to acquire information on the types of devices connected to the network (smartphones, vehicle modems, etc.), and the associated operating systems. This makes the entire network of connected devices vulnerable to device-specific IoT-targeted attacks.
Cloud computing has given enterprises the capability to assimilate huge volumes of data without adding additional hardware storage capacities, thereby bringing down data management costs. This technology, however, also has its fair share of security issues. In a cloud framework, attackers can remotely access sensitive data stored on the cloud, and falsify and manipulate information through hijacked login credentials. Further, attackers can inject malicious code into cloud services and make them a part of the software or service running within the cloud servers themselves. This can enable hackers to easily host and spread malware, illegal software, and other digital properties and sensitive information.
Safeguarding against cyberthreats
Enterprises must deploy technology-specific cybersecurity solutions to protect their IT infrastructure from cyberattacks. In the case of 5G networks, operators need to start securing previous-generation networks, since the 5G services will initially be based on the 4G network core. A careful analysis of all signalling information crossing the borders of their existing network will also help operators build adequate protection for 5G services.
With regard to the lack of standards in the IoT ecosystem, there is a need to establish product labelling standards for connected devices. This will help retail users and enterprises ascertain the safety of their IoT devices. Moreover, greater awareness needs to be created regarding securing all internet devices with software updates. Operators and equipment vendors can also explore machine learning models capable of detecting unknown threats in an IoT environment.
Meanwhile, cybersecurity solutions for a cloud environment must give enterprises complete visibility and control over cloud data and applications. A complete view of cloud data can be provided by connecting an application programming interface (API) to the cloud service. An API connection would make it possible to view the kind of data stored in the cloud, the users of the data, and the roles of these users. Once an organisation gains visibility into cloud data, it can apply necessary controls to prevent any kind of data breach. For instance, it can classify data into multiple levels, such as sensitive, regulated or public, to stop the information from entering or leaving the cloud service. It can also implement a cloud data loss prevention solution to automatically disable access to data and transport of data when suspicious activity is detected. Further, it can implement a set of collaboration controls, such as downgrading file and folder permissions for specific users to “editor” or “viewer”, removing permissions, and revoking shared links. Moreover, cloud-based data encryption can be used to prevent unauthorised access to data, even if that data is exfiltrated or stolen.
The transition to a software-based digital environment has generated a plethora of new security-related concerns for enterprises. Software, by its very nature, is less secure than hardware. Moreover, unlike conventional IT environments, virtualisation requires managing IT outside the enterprises’ own premises, which removes an element of controllability and fuels security concerns. The overdependence on software also makes it easier for hackers to maliciously insert backdoors into the IT infrastructure and make them harder to detect during security checks.
Telecom operators often skip the security aspects of networks during testing and implementation, and deploy security solutions only after the network becomes operational. While this expedites network deployment and initially saves costs, operators eventually pay more to buy equipment that integrates well with their existing network infrastructure. In the future, operators should only focus on installing suitable security solutions at the time of network deployment.
Going forward, enterprises and service providers need to collaborate on devising technology-specific solutions to ensure the end-to-end security of their networks, jointly. A highly secure and reliable digital network will serve as a key differentiator and essential revenue enabler for both operators and enterprises.