Unleashing the Power of 5G Connectivity

KUALA LUMPUR, 3 July 2023 – In the realm of technological advancements, the arrival of 5G has sparked immense excitement and curiosity. Promising faster speeds, lower latency, and improved connectivity, 5G has the potential to revolutionise various industries and transform the way we live, work, and communicate.

In March 2021, government-owned Digital Nasional Berhad (“DNB”) was appointed as Malaysia’s 5G Single Wholesale Network (“SWN”) provider to build, own, and operate the 5G wholesale network and services nationwide. As of May 2023, Malaysia's 5G network has managed to cover 62.1% of the country’s populated areas and is scheduled to reach 80% coverage by year end.

This accomplishment showcases the nation's robust 5G infrastructure in its ability to support dataintensive applications while establishing itself as a leader in the digital era. These accomplishments underscore Malaysia's commitment to develop a robust 5G infrastructure and position itself as a frontrunner in adopting and implementing this transformative technology. Leveraging on the network’s superior speed and capacity, the deployment of 5G infrastructure in Malaysia is expected to drive substantial economic growth - creating jobs, business opportunities, and foster innovation and technological advancements. Prominent industries such as healthcare, transportation, agriculture, manufacturing, and entertainment will witness a significant boost in productivity and efficiency, leading to economic benefits on a global scale.

However, as with any disruptive technology, 5G also presents potential risks that must be addressed:

Securing the IoT ecosystem

5G networks boast blazing-fast speeds, allowing for the seamless transfer of data and ultra-low latency. This breakthrough in connectivity will open doors for numerous transformative applications such as high-quality video streaming, virtual and augmented reality experiences, and facilitate the growth of the Internet of Things (IoT) ecosystem.

Consequently, the security of IoT devices have increasingly become a significant concern, as they are vulnerable to cyber-attacks that can compromise network and data security. In the 2016 Mirai Botnet attack, a major DDoS attack targeted Dyn, an Internet performance management services provider. Using an IoT botnet, the attack infected computers, exploited vulnerable IoT devices such as cameras and DVR players, and took down popular websites such as CNN, Netflix, and Twitter. It will soon be crucial enough for organisations to prioritise IoT security in protecting Malaysia's 5G landscape where necessary measures need to be in place to ensure IoT devices are securely authenticated before they are allowed to connect to the network. This will at least involve the use of secure protocols, digital certificates, and unique device identifiers to verify the identity of the devices.

Benefits and limitations of private 5G networks

Private 5G networks offer organisations greater control, security, and performance. By having full control over their network infrastructure, configuration, and management, organisations can implement specific security measures and customise network settings according to their unique needs. Millimeter wave (mmWave) technology used in Private 5G networks can also be optimised for low latency and high-performance applications. However, real-world mmWave network speeds vary greatly with range, signal obstructions, and proximity to the nearest 5G tower or small cell. Users must be within a block or two of a 5G tower without any line-of-sight (LOS) obstacles to receive mmWave signals as their highfrequency nature makes them susceptible to blockage by buildings, walls, windows, and foliage, resulting in a reduced coverage range. Due to these limitations, mmWave technology is better suited for dense urban environments while suburban and rural areas are better served by more cost-effective and easier-to-deploy 4G LTE.

Network slicing

Another layer of the multi-faceted 5G technology is network slicing. It provides increased user flexibility and allows the creation of dedicated segments within a single physical network to cater to specific applications. However, it also poses potential security threats - exploiting a weakness in one network slice could enable attackers to move laterally to other slices, expanding the impact of their attacks. To worsen matters, hackers might target rarely updated devices such as consumer gaming systems to find 5G security vulnerabilities. By targeting weaknesses in one slice, cyber criminals could launch horizontal attacks against other network segments. To address this, organisations should ensure proper segmentation and isolation between network slices. Each slice should be treated as a separate entity with its own security controls, access policies, and monitoring mechanisms to prevent lateral movement of attackers from one slice to another.

Protecting user privacy

5G incorporates robust countermeasures against International Mobile Subscriber Identity (IMSI) catchers. However, their efficacy can be compromised by resourceful hackers. IMSI catchers, employed by law enforcement authorities, serve as interception tools for phone calls and messaging communications. In 2021, Germany made changes to its regulations on IMSI catchers, raising concerns as the country continues to deploy 5G networks. These updated regulations now require communication operators to collaborate with law enforcement when IMSI catchers are used for surveillance. While the use of IMSI catchers on the 5G network poses a risk to individuals' privacy, security researchers have indicated that the 5G network does offer some protection against IMSI catchers, but the effectiveness of this protection depends on its implementation. Researchers have also highlighted the differences in security features between non-standalone and standalone 5G networks. Non-standalone networks, which consist of 4G/LTE base stations and 5G radio antennas, remain vulnerable to passive surveillance. The security measures capable of preventing this type of surveillance are only available in standalone 5G networks.

Data collection is another significant concern for 5G users. During installation of smartphone applications, users are typically required to provide personal information. However, app developers often fail to disclose how and where this data is stored and used. With 5G networks’ lack of physical boundaries and heavy reliance on cloud-based data storage, it will become increasingly challenging for operators to protect and control users’ data. Moreover, the varying levels of privacy measures and enforcement across different countries pose a serious threat to user privacy, especially when data is stored in a foreign cloud environment.

Unleashing 5G’s true potential

The opportunities presented by 5G technology are unparallel to any other, promising a future of unprecedented connectivity and innovation. "Empowering the least developed countries with information and communication technologies” - this year's World Telecommunication and Information Society Day (WTISD) theme highlights the importance of providing access to transformative technologies in bridging the digital divide to promote inclusive development. Among existing technologies, 5G stands out as a key enabler in fulfilling this vision.

However, realising the full potential of 5G requires a comprehensive approach that addresses accompanying risks, safeguards privacy and security, ensures equitable access, and fosters collaboration among stakeholders. By embracing these challenges head-on, we can unleash the true power of 5G and create a world that is more connected, efficient, and sustainable for all.

As the technology is evolving at breakneck speed in the digital domain and cyber ecosystem, it is imperative to state that the legislative aspect of a Cyber Security Bill to be mooted to remain relevant with the ever-changing world in 5G realm.

Mohd Fairuz bin Ismail is the Technology, Media & Telecommunications Deputy Leader, Deloitte Malaysia and TMT Sector Leader, Deloitte Southeast Asia. The above views are his own.

Deloitte Malaysia

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.

Deloitte Asia Pacific Limited is a company limited by guarantee and a member firm of DTTL. Members of Deloitte Asia Pacific Limited and their related entities, each of which is a separate and independent legal entity, provide services from more than 100 cities across the region, including Auckland, Bangkok, Beijing, Bengaluru, Hanoi, Hong Kong, Jakarta, Kuala Lumpur, Manila, Melbourne, Mumbai, New Delhi, Osaka, Seoul, Shanghai, Singapore, Sydney, Taipei and Tokyo.

About Deloitte Malaysia

In Malaysia, services are provided by Deloitte PLT (LLP0010145-LCA) (AF0080), a limited liability partnership established under Malaysian law, and its affiliates.

This communication contains general information only, and none of DTTL, its global network of member firms or their related entities is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser.

No representations, warranties or undertakings (express or implied) are given as to the accuracy or completeness of the information in this communication, and none of DTTL, its member firms, related entities, employees or agents shall be liable or responsible for any loss or damage whatsoever arising directly or indirectly in connection with any person relying on this communication.

© 2023 Deloitte PLT