In 2020, we will see substantial increases in wireless data speeds as well as new applications and business models that will leverage fifth-generation (5G) wireless and Wi-Fi 6 (802.11ax). Both technologies will give enterprise users, consumers, and, yes, attackers the ability to rapidly transfer an enormous amount of data using new devices that will become available in 2020. The potential impact of these wireless technologies should be included in enterprise risk assessments and factored into policies such as bring your own device (BYOD). Coupled with a marked increase in mobile malware attacks in 2019, introduction of new wireless devices supporting 5G and Wi-Fi 6 will necessitate a deeper look at mobile device policies and defenses in 2020.
Commercial 5G rollouts by wireless carriers in North America will accelerate in 2020, and new devices supporting 5G standards will come onto the market at a rapid pace. With theoretical data speeds of up to 10 gigabits per second and the ability to manage billions of connected devices, 5G will enable new business models and the necessary infrastructure for broad internet of things (IoT) applications such as autonomous vehicles, smart cities, and new entertainment platforms. For enterprises, 5G will offer enhanced customer-focused applications, such as high-quality marketing content and advanced location-based services. Expect established companies and startups to build innovative capabilities around 5G connectivity, and these will need to be evaluated from both security and privacy standpoints. For enterprises with a global presence, 5G will initially be problematic, as the U.S. and the rest of the world will be using different frequency bands for 5G services, which equates to the necessity for devices to support different networks and standards. 5G is still in the early days of commercialization, and researchers have already identified more than a dozen security and privacy vulnerabilities related to device identification and location-based services. Expect a steady stream of vulnerability reports as more security practitioners get access to test 5G networks and devices in 2020. Attacker access to 5G infrastructure will enable the proliferation of bot-based denial of service attacks.
The 802.11ax standard was finalized in September 2019. Wi-Fi 6 routers and devices are slowly coming into the market, but prices will need to drop before these devices hit critical mass for consumers. Wi-Fi 6 will enable a theoretical 37% boost in speed, but users will likely be limited by the highest speed of their internet service provider’s internet connection. Wi-Fi 6 will also support concurrent connections by significantly many more IP-enabled devices in the home. For chief information security officers (CISOs), this will necessitate a review of work-from-home policies and an evaluation of whether traditional security technologies, such as virtual private network (VPN) solutions, will support the higher throughput. There may also be some potential vulnerabilities for compromise of enterprise data associated with insecure home devices operating on the same router that supports remote connectivity with enterprise networks.
Now is the time to evaluate your risks and defenses associated with these new wireless capabilities.