As researchers and the industry move towards 6G technology, cybersecurity has been recognized as a pivotal field that will minimize the risk of digital threats in the future. To realize the vision of 6G, researchers are developing a few novel approaches to areas like spectrum regulation, antennas, machine learning, artificial intelligence, and digital twins—all of which will require robust cybersecurity elements to enable their widespread adoption by industry, academia, and consumers in the future.
According to a report published by Accenture, cyberattacks targeting companies grew by a staggering 31 percent from 2020 to 2021. Organizations that have seen successful breaches through their supply chains have increased from 44 percent to 61 percent over the same period, demonstrating that the threat of third-party risks has become an increasingly worrying reality.
This scenario is likely to become more common as countries deploy 5G worldwide. “5G is the first technology to enable critical applications [house care, smart cities], and services like ultra-reliable low latencies or machine-to-machine communications,” explains Yong Zhou, chief security solutions architect at Keysight Technologies.
5G marks the beginning of a revolution in network security design. 6G will continue the network cybersecurity enhancement efforts begun with 5G. While 6G technology is still being defined by international standardization bodies, research into ways to enhance cybersecurity in 6G has quickly become a priority, including research investigating ways to optimize cybersecurity in the internet of things (IoT), user data security, and ways to better leverage machine learning and artificial intelligence to train cybersecurity systems and algorithms.
6G Cybersecurity: The Internet of Things and the Attack Surface
Each network simultaneously supports a different number of connected devices within a given area. For example, the 4G network can connect up to 2,000 devices per square kilometer (.38 square miles). This figure increases to one million connected devices in the same range with 5G and increases again with 6G expected to accommodate up to 10 million IoT devices in the same area. These devices represent the ‘attack surface’, or the possible points, known as attack vectors, that unauthorized users can access to extract data.
Every increase in connected devices has a corresponding increase in exposure to cybersecurity risk events. Beyond phones, devices under threat include health care equipment, industrial machines, and computers. In addition to connected devices, this attack surface also includes the network infrastructure itself.
As we move towards 5G and eventually 6G powered networks, “we are talking about billions of IoT machines”, Zhou says. “There will be radio access network [which connects users to the cloud], core network, and a multivendor environment. You want to make sure that all components of this network infrastructure are reliable and secure against cyberattacks to support critical services.”
As we move closer toward 6G technology, the concept of ‘cybersecurity by design’ is taking hold as a potential, and promising, answer to securing the growing attack surface. Underpinning the concept of cybersecurity by design is a paradigm shift away from reactionarily developing solutions for security threats and instead being proactive and ensuring that cybersecurity is baked into 6G-capable items from the start. While this concept is still new, the cybersecurity by design mindset is one that companies should embrace as part of a larger action plan to prevent and manage cyber threats.
“Sometimes, the first time a security team sees a security incident is when it happens live. And that is a big issue,” warns Andrew Young, principal security solutions architect at Keysight. “For device manufacturers, employing a solution like a threat simulator in that live environment gives customers the ability to run real-life scenarios with real-life malware but in a safe environment.”
Emulation is quickly becoming a critical element of cybersecurity planning. The ability to replicate risk events digitally enables security teams to identify and correct security gaps and misconfigurations, but also to put their cybersecurity strategies into practice in a realistic virtual environment. This ensures that security teams have experience recognizing a wider range of security breaches and are able to identify threats so they can quickly take corrective actions when the threats present themselves in real life.
6G Cybersecurity Eliminates Outdated Approaches to Securing User Data
6G cybersecurity systems do away with once-ubiquitous security tactics. “Passwords are definitely going away; It is a given,” Zhou states. The cyber environment will be certificate-based and encrypted. This means that 6G cybersecurity systems will verify whether users are authorized to access a given software, for example. 6G will also benefit from novel existing security approaches. With micro-segmentation, for example, systems will be able to isolate communications and create a virtual ‘bubble’ to increase security. These new approaches to cybersecurity solutions will enable the robust zero-trust network architecture required for the planned 6G cybersecurity infrastructure.
Zero-trust architecture assumes that no entity is implicitly safe—that the network cannot trust anyone unless they have the appropriate credentials. This architecture promises to make communication and data access points far more difficult to breach. “You are not protecting just the service, but also the users’ data or a business’ critical trade secrets,” Zhou explains. “With zero-trust, micro-segmentation, and tight security controls combined, you can really protect your data.”
Data goes far beyond the daily web browsing and financial data that is most thought of in the context of cybersecurity and privacy. The past five years have seen an explosion in the number of connected devices across verticals and sectors where cybersecurity plays a literal life-and-death role. The internet of medical things (IoMT), for example, helps care teams to deliver more tailored care and is improving medical care and patient outcomes. This data is equally valuable to criminals who would hold this sensitive data hostage and release it for a price. Keysight Technologies 2021 Security Report suggests a dramatic increase in the deployment of ransomware attacks in 2020, with healthcare being the most attractive target for cyberattacks.
The deployment of 5G has improved cybersecurity but the exponential increase in devices and data that 6G promises will require robust real-time cybersecurity responses. Researchers at Keysight are investigating new cybersecurity testing techniques that leverage digital twin technology to flag potential threats and take corrective measures in real-time. This process takes weeks under today’s 5G network, but 6G is anticipated to cut this to a few hours, resulting in a more resilient cybersecurity infrastructure for device users and manufacturers.
6G Cybersecurity Will be More Complex with Machine Learning and Artificial Intelligence
Artificial intelligence (AI) and machine learning (ML) are critical components of 6G—and vital to training cybersecurity systems and algorithms. They also offer additional layers of complexity that create more robust cybersecurity systems. However, as AI becomes more pervasive, so too do the number of bad actors with the skills and incentive to exploit the technology for nefarious purposes. Conquering the vulnerabilities within AI and ML training algorithms is critical to building a resilient, scalable, and secure 6G powered future.
Cyberattacks can manipulate machine learning models during training or testing times and will undermine the AI’s predictions. Just as worrying, these attacks can reverse engineer the algorithm to extract proprietary information. A second threat that researchers must account for is the creation of models built for nefarious purposes—either to commit cybercrimes or with military or law enforcement context. An AI algorithm’s quality is determined by its reliability, accuracy, and consistency. Tactics that undermine any of these have cascading repercussions for any future developments that rely on AI. Thus, accelerating innovation across the spectrum of emerging technologies is dependent on ensuring that AI algorithms are trained to identify and block adversarial events.
For 6G cybersecurity, the long-term goal is an autonomous, self-preserving network that can respond independently to potential threats without causing disruption to normal use. While these cyber-resilient networks are still on the horizon, researchers are investigating adversarial machine learning approaches to train models to identify probable threats and determine an appropriate correlating response. This is a core responsibility of AI in the planned 6G cybersecurity architecture.
Google conducted experiments demonstrating real-world applications for adversarial machine learning. Their published findings demonstrated that by presenting intentionally manipulated examples to ML networks, the system could be trained to identify and mitigate incoming attacks that force the system to misclassify information.
Prepare Today for a More Secure, 6G Enabled Tomorrow
New technologies always bring new threats to light which must be addressed alongside existing threats that accompany current technologies. The research focused on preventing cybercrimes particularly emphasiz the development of 6G cybersecurity solutions that will scale and combat threats inherent in the growing multivendor marketplace. Already, 6G cybersecurity research is creating a paradigm shift in how we think about securing digital data today.