Dan Mondor is the Chairman and CEO of Inseego Corp., a leader in 5G device-to-cloud solutions for business and government networks.
getty
It’s hard to keep up with the latest cybersecurity news. Just weeks ago, Microsoft Exchange was hacked by Chinese cybercriminals. In May, an assault on Colonial Pipeline by a Russian-linked group choked off the fuel supply to 50 million Americans for days. A few weeks later, ransomware crippled the world’s largest meat supplier. Hackers also infiltrated the transit system in New York and the Steamship Authority in Massachusetts. And hundreds of other ransomware hijacks have hit hospitals worldwide, forcing doctors and patients to cancel or delay critical procedures.
The threats are escalating daily, coming from bad actors seeking financial gain and hostile nations determined to harm our national security.
The cost of these incidents (now trillions of dollars a year) is troubling enough. But the real-world consequences go far beyond the monetary damages. These attacks don’t just hurt profits and privacy; they hurt people. And a coordinated assault on our power grids, food supply or health care ecosystems could devastate our economy and society.
This isn’t doomsday fearmongering. Every part of the public and private sector is now being targeted. Work from home has made corporations much more vulnerable to cyber threats. The mushrooming internet of things (IoT) can expose our nation’s critical infrastructure to infiltrators. And communications equipment with built-in backdoors can be exploited by adverse nations. It’s time to sound the alarm and step up our defenses — everywhere.
“Everything From Home” Opened Pandora’s Box Of Cyber Threats
While most of us have seen the pandemic as a crisis, hackers have seen it as an opportunity. With health care systems strained to the limit, cybercriminals have preyed on unsecured endpoints and spoofed websites to victimize consumers searching for Covid-19 information. And everything from home (EFH) — including work, school and telehealth — has created many other vulnerabilities.
For most employees, work-from-home has been a huge success, transforming the way we think about remote work. But from a security standpoint, it’s been an IT nightmare. Home networks using consumer-grade routers to connect to the internet weren’t designed to provide a protective firewall for the corporate network.
IT departments have been scrambling to deploy new solutions for their suddenly remote workforce to make sure that employees have safe and compliant access to their corporate networks. 5G and 4G devices, including mobile hotspots and other solutions, have stepped into the void and are already helping — today.
New 5G customer premises equipment (CPE) can also provide more reliable and secure broadband connections. These “fixed wireless” 5G/LTE routers and gateways provide an excellent alternative to unsecured employee home Wi-Fi networks that carry all kinds of personal and family traffic.
By delivering dedicated broadband connections with integrated cloud management, these 5G solutions make it easy for IT administrators to configure, deploy and maintain secure connections for remote employees.
Industrial IoT Exposure
Today’s rapidly expanding threat surface also includes billions of new industrial devices that are now connecting our critical infrastructure, including power grids, pipelines, factories, ports and transportation systems.
Whether it’s a cybercriminal with financial motives or a nation-state executing an advanced persistent threat (APT), attacks on these internet of things (IoT) systems aren’t limited to the digital domain. Here, the primary targets are networks that connect and control our physical infrastructure.
Consider what happened in February when a hacker infiltrated the city water system in Oldsmar, Florida, and attempted to raise the level of sodium hydroxide from 100 parts per million to a lethal 11,100 parts per million.
How do hackers like these get in? In many cases, they exploit IT or OT (operational technology) networks that simply haven’t been maintained with the latest software updates and security patches. That’s why implementing and rigorously enforcing IT security policies everywhere, at every endpoint, is the easiest line of defense. Integrated device management software helps ensure compliance with corporate settings and security policies, and alerts IT teams when IoT endpoints are compromised.
But as security experts know, we need many layers of protection. Another way to harden endpoints is with constant, cloud-based threat detection that uses AI to protect access points and all the things they connect. New 5G “intelligent edge” solutions can prevent and detect network intrusion or anomalous behavior, continuously learning and adapting to the target environment.
Built-In Backdoors
Last year, Europe’s largest cellular carrier reportedly found hidden backdoors in home internet routers made by a large Chinese manufacturer, underscoring the need to choose 5G solutions from trusted and proven suppliers. Organizations can protect themselves — and their customers — from “supply chain” attacks by sourcing their 5G providers carefully.
Choosing the right 5G equipment supplier starts with asking right questions: Are their solutions designed to the highest security standards and fully tested — including third-party penetration testing? How secure are the weakest links in their supply chain? Can they help ensure compliance with your IT policies?
5G is fast becoming the preferred choice for high-speed broadband access in all kinds of environments, from smart homes to smart infrastructure. As our society becomes more interconnected, there’s no longer a hard perimeter around corporate networks. The time has come to turn private and public sector attention to new 5G solutions with multi-layered security that can help us connect with greater confidence anywhere.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
