As 5G coverage expands in South Africa, a world of new possibilities unfolds for both individuals and businesses. With the ability to connect more smart devices than ever before, the potential for innovation and growth is limitless.

However, this rapid expansion also means an increased vulnerability to cyber threats, warns William Petherbridge, systems engineering manager for Southern Africa at Fortinet.

There are inherent risks associated with the adoption of 5G, says Petherbridge. The accelerated proliferation of devices, facilitated by 5G, opens the door to potential security challenges that require careful consideration.

The expansion of 5G coverage in South Africa is rapidly advancing, driven by both mobile network operators (MNOs) and 5G fixed wireless access providers.

A recent GSMA report found that 5G mobile adoption in South Africa had already reached 4% of mobile connections by mid-2023, making it the highest proportion of 5G connections among African countries. Experts project that by 2030, 5G connections will make up 43% of the total connections in South Africa, and as much as 70% in Morocco.

5G offers greater speed, capacity, and processing power, with improved mobile traffic management. It’s touted as a game changer for both MNOs and enterprises in many verticals. Its capabilities include providing lightning-fast download speeds, Machine to Machine Communications (mMMC) that support up to 1-million devices per square kilometre, as well as catering to unique IoT requirements.

It also provides very reliable and quick communication, and can be customised to handle specific needs like quality of service, capacity, latency, and security.

Petherbridge notes that “5G mobile networks have more sophisticated security built into them than older mobile networks like 3G and 4G. But because of 5G’s increased reliance on virtualisation and automation based on open radio access network architecture (Open RAN), risks do exist.”

A security breach for mobile network operators and 5G private mobile networks has the potential to impede network speed or even cause network downtime, posing a threat to both revenues and reputation.

According to a 5G Security study, 90% of businesses view an operator’s security capabilities as either critical or very important. Moreover, 86% believe that telecommunications companies should offer tailored, comprehensive, full-stack end-to-end security solutions for 5G enterprise use cases.

“Securing 5G networks is quite challenging because they are very dynamic and automated. Simply checking off security measures at one point in time won’t be enough, as securing these networks is an ongoing and constantly evolving process,” says Petherbridge.

A particular challenge in the 5G era is IoT and Industrial IoT (IIoT) devices, which are expected to proliferate thanks to 5G’s capabilities.

“One major issue is that a lot of IoT and IIoT devices were not originally designed with security in mind. Even everyday smart devices in homes that are connected via 5G could pose an enterprise risk, especially due to the rise of hybrid work setups,” explains Petherbridge.

Within large organisations, there’s a noticeable increase in IoT and connected devices at various locations, such as smart TVs, reception tablets, and IoT sensors for managing lights and air conditioning. Many of these devices lack security features, and may not even be listed in the company’s record of assets.

This oversight increases the risk of cyber-attacks, as the unaccounted devices could be vulnerable entry points for breaches and can complicate the security landscape, Petherbridge adds.

To reduce the risks associated with the expanding attack surface, employing security best practices, encryption, and zero-trust network access control is essential, he adds. “In this context, having visibility is crucial. Organisations can achieve this through taking a consolidated security platform approach, which can provide them with greater visibility and control over the network.”

Managing IoT assets within the IIoT ecosystem can be supported by various comprehensive security solutions, including next-generation firewalls, network access control, central log management and analysis platform, as well as intrusion prevention systems that specifically identify and prevent a broad spectrum of attacks targeting IIoT and IoT devices.