Companies need 5G technology for their work processes and many are already using it. But Sophos wanted to know more and asked the companies: for around three quarters it is clear: 5G needs special security measures. But only 50 percent use them.
87,4 percent of all companies surveyed state their need for 5G in order to connect and network the Internet of Things (IoT) and Operation Technology (OT) in operation. When looking at smaller companies with up to 500 employees, this value even increases to 91 percent. The market researchers from techconsult found this and other findings in the area of 5G security in a representative survey of German companies on behalf of Sophos.
Spread of 5G as a business network technology
Almost half of those surveyed (49,2 percent) are already using 5G as an alternative to classic cable or WLAN network connections, for example for devices or machines. At 59 percent, smaller companies use them significantly more than large companies (39,4 percent). When using 5G technology, production and logistics come first (62,3 percent). Then comes network connectivity of external branch offices to corporate headquarters (42,7 percent) and supply chain connectivity with other companies (38,7 percent).
The vast majority are aware of the risks
To what extent is 5G already being used in companies for machine communication (Image: Sophos).
One of the greatest risks of 5G is the spying out of data via the backdoors of infrastructure providers - 87,4 percent of those surveyed said they were aware of this. 80,4 percent also define software vulnerabilities in the network itself, which can be exploited by cybercriminals, as a source of danger. However, one in five of the IT professionals interviewed (19,6 percent) is ignorant here. More than two-thirds (65,3 percent) considered the risk of increased state influence such as espionage to be likely.
“Companies generally correctly assess the threat situation here. Due to the complexity of 5G, the attacks are also very complex. To date, almost no one outside of a nation state has the resources to effectively launch such an attack,” said Chester Wisniewski, Field CTO Applied Research at Sophos.
Threat is already correctly assessed
"Since the use of 5G technology in the industrial environment is not yet as widespread as classic network alternatives, it will probably be some time before larger waves of attacks can be expected. Nevertheless, it is only a matter of time, of widespread use and the chances of success before cybercriminals also target this network technology.”
Another challenge when using 5G is that if there is poor network coverage, the connections can automatically fall back to 4G or even 3G without appropriate precautions, thus automatically adding the risks of this older technology. According to the survey, this is clear to the majority at 80,9 percent. However, one in five (19,1 percent) does not see this as a problem.
Too few measures are still being taken
At 74,4 percent, the majority of all companies surveyed are of the opinion that 5G technology requires special security measures for business use in companies. But: when asked whether these separate steps are also used, only just under half (total: 48,2 percent) admit to them.
At 54 percent, the smaller organizations are more consistent here than the companies with more than 500 employees (42,4 percent). The rest (43,2 percent) rely on the standard security measures. And this despite the fact that they are aware of the risks that 5G technology entails.
"It takes a lot of time and deep technical knowledge to understand the incredibly long and detailed specifications of the 5G protocols," explains Chester Wisniewski, Field CTO Applied Research at Sophos. “Only then can the potential risks of this technology and its functions be recognized and evaluated. Businesses need more information and support to ensure security in specific areas of 5G technology, such as security ecosystems including firewalls that support 5G.”
About the Sophos survey
In the second quarter of 2023, with the help of market research by techconsult, Sophos surveyed IT managers and employees from 200 German companies with between 100 and more than 500 employees about their use of 5G technology.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.