Everyone wants 5G - but only 50 percent rely on security

Image by Cliff Hang from Pixabay

Share post

Companies need 5G technology for their work processes and many are already using it. But Sophos wanted to know more and asked the companies: for around three quarters it is clear: 5G needs special security measures. But only 50 percent use them.

87,4 percent of all companies surveyed state their need for 5G in order to connect and network the Internet of Things (IoT) and Operation Technology (OT) in operation. When looking at smaller companies with up to 500 employees, this value even increases to 91 percent. The market researchers from techconsult found this and other findings in the area of ​​5G security in a representative survey of German companies on behalf of Sophos.

Spread of 5G as a business network technology

Almost half of those surveyed (49,2 percent) are already using 5G as an alternative to classic cable or WLAN network connections, for example for devices or machines. At 59 percent, smaller companies use them significantly more than large companies (39,4 percent). When using 5G technology, production and logistics come first (62,3 percent). Then comes network connectivity of external branch offices to corporate headquarters (42,7 percent) and supply chain connectivity with other companies (38,7 percent).

The vast majority are aware of the risks

To what extent is 5G already being used in companies for machine communication (Image: Sophos).

One of the greatest risks of 5G is the spying out of data via the backdoors of infrastructure providers - 87,4 percent of those surveyed said they were aware of this. 80,4 percent also define software vulnerabilities in the network itself, which can be exploited by cybercriminals, as a source of danger. However, one in five of the IT professionals interviewed (19,6 percent) is ignorant here. More than two-thirds (65,3 percent) considered the risk of increased state influence such as espionage to be likely.

“Companies generally correctly assess the threat situation here. Due to the complexity of 5G, the attacks are also very complex. To date, almost no one outside of a nation state has the resources to effectively launch such an attack,” said Chester Wisniewski, Field CTO Applied Research at Sophos.

Threat is already correctly assessed

"Since the use of 5G technology in the industrial environment is not yet as widespread as classic network alternatives, it will probably be some time before larger waves of attacks can be expected. Nevertheless, it is only a matter of time, of widespread use and the chances of success before cybercriminals also target this network technology.”

Another challenge when using 5G is that if there is poor network coverage, the connections can automatically fall back to 4G or even 3G without appropriate precautions, thus automatically adding the risks of this older technology. According to the survey, this is clear to the majority at 80,9 percent. However, one in five (19,1 percent) does not see this as a problem.

Too few measures are still being taken

At 74,4 percent, the majority of all companies surveyed are of the opinion that 5G technology requires special security measures for business use in companies. But: when asked whether these separate steps are also used, only just under half (total: 48,2 percent) admit to them.

At 54 percent, the smaller organizations are more consistent here than the companies with more than 500 employees (42,4 percent). The rest (43,2 percent) rely on the standard security measures. And this despite the fact that they are aware of the risks that 5G technology entails.

"It takes a lot of time and deep technical knowledge to understand the incredibly long and detailed specifications of the 5G protocols," explains Chester Wisniewski, Field CTO Applied Research at Sophos. “Only then can the potential risks of this technology and its functions be recognized and evaluated. Businesses need more information and support to ensure security in specific areas of 5G technology, such as security ecosystems including firewalls that support 5G.”

About the Sophos survey

In the second quarter of 2023, with the help of market research by techconsult, Sophos surveyed IT managers and employees from 200 German companies with between 100 and more than 500 employees about their use of 5G technology.

More at Sophos.com


About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.


Matching articles on the topic

Data protection: trends in 2024

What challenges could companies face in the area of ​​data protection this year? And how can you relate to that? ➡ Read more

These threats have shaped 2023

In 2023, botnets returned from the dead, ransomware actors found creative ways to make money from theft, and threat actors ➡ Read more

FBI, Europol, NCA: APT group LockBit smashed!

According to the authorities, Europol, the FBI and the British NCA have dismantled the APT group LockBit. At least she has ➡ Read more

Phishing, vishing and quishing

In the early days, phishing attacks were often very simple and used legitimate sources of written communication such as email to gain access ➡ Read more

Pawn Storm under the microscope

Pawn Storm (also APT28 or Forest Blizzard) is a group of APT actors who distinguish themselves through persistent repetition in their tactics, ➡ Read more

Pig Butchering: Lucrative business model for cyber gangs

Sophos has revealed how Sha Zhu Pan scammers are now using a business model for their so-called pig-butchering scams that are supposedly aimed at romance ➡ Read more

Fines for violating the GDPR

The General Data Protection Regulation (GDPR) came into force in November 2018 to standardize the rules for processing personal data across the EU. ➡ Read more

Cyber ​​attacks are the main reason for business failures

A leading provider of data protection and ransomware recovery solutions by market share, releases the results of its fifth annual report. ➡ Read more