How sharing what we don’t know can build trust in medical research

Impactful leadership in the era of the remote team

How credit cards activate the reward center of our brains and drive spending

MIT Sloan Experts


The dark side of 5G


There has never been a highly touted technology that didn’t come with unexpected ill-effects. Still, that hasn’t stopped tech-hounds from glorifying the possibilities of 5G even while they ignore the potential downsides and multiple risks.

Stuart Madnick is the John Norris Maguire Professor of Information Technologies, Emeritus at the MIT Sloan School of Management and the Founding Director of Cybersecurity at MIT Sloan: the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity.

5G high-speed communication networks promise dramatic increases in communication speeds, perhaps as much as 100-times faster than 4G, that will enable new and improved applications – all of which is great. However, despite these upsides, there are potential downsides that should be considered in the rush to the adoption of 5G.

In some ways, going from 4G to 5G is like going from fireworks to dynamite sticks. Impacts are greatly magnified. The higher speeds, as well as other functional advantages, will accelerate the inclusion of the internet into more and newer devices, often referred to as the Internet of Things (IoT). So, for example, this will allow items like refrigerators or light bulbs to come online. This would allow users to remotely check the contents of their fridge or dim their bedroom lights using their phones, but these devices can also be harnessed for nefarious purposes.

More devices and faster speeds add up to increased security attacks and increased efficiency and efficacy for cybercriminals. For example, we must anticipate that denial of service attacks (DDoS) will become more powerful than ever before. One of the most notorious DDoS incidents in history — the 2016 Dyn cyberattack — was facilitated by unsecured IoT devices, like security cameras, printers, and baby monitors. Hacker groups Anonymous and New World Hackers allegedly took control of thousands of electronics that still had their default passwords to amass an army of zombie devices, known as a botnet.

Websites like Twitter, SoundCloud, Spotify, and Shopify were inaccessible for a day. This could happen again, to a degree that hasn’t even been imagined yet. The fact that 5G increases the speed at which these attacks could occur means that it takes even fewer attackers to overwhelm a given organization. As the Department of Homeland Services noted after the DDoS attacks in 2016: “It is not clear if current network infrastructure could withstand future attacks if they continue to increase in scale.”

We have learned that changes creates higher risk situations. With the new 5G technology, there will likely be new flaws. There have already been identified flaws in the Authentication and Key Agreement (AKA) protocol in 3G and 4G which carry over to 5G. Although there are plans to address these concerns, there are likely others yet to be discovered.

In addition, the need for vastly more towers for 5G also increases the risks of fake towers and the deceptions that they can create. 5G requires a new infrastructure but there are concerns that the companies that are developing these technologies, and their home countries, might include various forms of surveillance features. This is highlighted in the battles between Huawei and the US, where US official have been concerned that Huawei's technology could be used against the American nation as an espionage tool for the Chinese government.”

The benefits of 5G are too important, and the global movements towards 5G too far along, to be stopped. But like almost every technology advance, we need to be fully aware of both the benefits and risks and consciously work to mitigate those risks. Not being aware of those risks is the worse situation to be in. This article is intended to bring many of those risks into the light.

Stuart Madnick is the John Norris Maguire Professor of Information Technologies, Sloan School of Management; Professor of Engineering Systems, School of Engineering; and Founding Director of CYBERSECURITY AT MIT SLOAN: the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity.