Our homes and cities are getting “smarter” – thermostats, video doorbells, sprinkler systems, street lights, traffic cameras, cars. all connected to the internet, collecting and transmitting useful data.
And 5G superfast mobile is seen as a catalyst that will light up this massive network.
GSMA Intelligence forecasts that there will be more than 25 billion “internet of things” connections by 2025.
But experts are queuing up to issue stark warnings about security.
“Security around IoT devices hasn’t been very good, so if they’re opened up to better connectivity they’re opened up to more hackers, too,” says Cody Brocious, education lead at security consultancy HackerOne.
“Not enough is being done to improve their security, and it’s only going to get worse when they become 5G-connected. We’ll see increases in spam and cyber-attacks.”
Steve Buck, chief operating officer at telecoms security company Evolved Intelligence, goes so far as to say that “5G will power critical infrastructure, so a cyber-attack could stop the country.”
The problem is that a lot of these IoT devices – think small sensors measuring air humidity or temperature, for example – are cheap and need to have a very long battery life.
“Implementing good security into such devices will require more processing power and this drives up costs and drains power,” says 5G expert Dave Burstein, editor of WirelessOne.news.
Which is why it won’t happen.
The danger is that insecure devices will provide rich pickings for hackers. Just this month, internet security firm Sophos Labs warned about a new “family of denial-of-service bots we’re calling Chalubo” targeting IoT devices.
The malware tries to recruit insecure devices into a botnet that can be commanded to bombard websites with requests and knock them out. Hackers then normally ask for a ransom to stop the attack.
“Google and Facebook spend billions on security and both have recently been hacked,” says Mr Burstein.
“If they can’t be fully protected, how can an ordinary person be expected to secure the dozen or more connected devices many of us will soon have?”
This is why Jeff Lipton, vice president of WaterSmart in San Francisco, a company that makes connected programmable water meters, thinks “these systems need to be very carefully thought through before rushing to make every device in a city smart”.
And it isn’t just the devices themselves that are vulnerable – the network potentially is, too.
“With 5G we’ll be consuming services from all over the place, so we want to deliver those services very quickly as close to the customer as possible to reduce latency [delay],” says Adam MacHale, managing director of technology strategy at IT and networking firm Cisco Systems.
So instead of one central delivery centre serving an entire country, there’ll be thousands of local ones, he explains.
“But this increases the threat surface [the number of potential weak points in a network that hackers can attack] and the risk.”
It’s a point reiterated by Michele Zarri, technical director at GSMA, the organisation representing the global mobile industry.