“There is no place where espionage is not possible.” Sun Tzu
Praises for 5G implementation are beginning to nourish the hopes and dreams of an interconnected “smart” community. 5G lays the foundation for unprecedented speed, greater bandwidth and lower latency – breathing life into a whole new generation of connected devices. “Lighting up” 5G has become the new “shot heard round the world” and has triggered a revolution unlike anything we’ve seen before.
As 5G technology advances, we must remain cognizant that each new opportunity brings new risks and challenges that often thwart our ability to take full advantage of its benefits. Today, the successful implementation of 5G will rely on our ability to traverse the ever-changing and complex cyber-threat landscape.
Without proper protection, 5G technology will be vulnerable to malicious actors who want to steal data, manipulate sensitive information, commit fraud and identity theft, impede operations, or attack other computer systems.
Our adversaries, even before 5G is fully fielded, have begun taking advantage of cybersecurity weaknesses by attacking the “heart and soul” of 5G information. The McAfee Advanced Threat Research Strategic Intelligence team has recently uncovered that “Chinese APTs are conducting cyber-espionage campaigns targeting 5G telecommunications companies in the US, Europe, and Southeast Asia.” APT groups are focusing on human fragility and using basic phishing techniques to lure unsuspected workers to fake Huawei web sites.
Surprising? Not really. Failure to follow basic security procedures continues to plague our cybersecurity posture as phishing attacks account for more than 80% of reported security incidents. By targeting human weaknesses, education and training have become the defining moment to the success and failure of our ability to protect ourselves. To help mitigate the cyber risks of employees, CEOs, CIOs and CISOs should ask themselves the following questions:
- How do you communicate that cybersecurity is a corporate priority within your organization?
- How can your organization become more cyber threat aware?
- Do you use “cyber incidents” as teachable moments?
- How can you use continuous education and training to effect long-term behavioral change?
- How can you create a “culture of cybersecurity” when malicious actors always appear one-step ahead?
Individuals continue to be the weakest link in the cybersecurity chain as 95% of cybersecurity breaches are caused by human error. Because our adversaries are becoming bolder in their tactics, techniques and procedures, we must continue to be vigilant in the education and training arena to ensure we can take full advantage of the benefits 5G can bring to the global community. Addressing cybersecurity’s weakest link is everyone’s responsibility.