Critical infrastructure: keep a close eye on baby elephants in the room
Critical infrastructure: keep a close eye
There is no doubt that the debate on how 5G technology may or may not be abused for fraudulent purposes is important. But lesser-known evolving technologies are just as vital and should be on the radar as well.
You cannot have missed the news: 5G infrastructure in mobile networks has ignited an intense debate on the accompanying cybersecurity challenges. The expanded use of software in the 5G environments is new as is the dominant role of suppliers in building and operating 5G networks that introduces new degrees of dependency. Experts have warned that we should not place too many eggs in the basket of a single 5G supplier.
Politicians and policy makers move cautiously. This makes sense, as mobile networks are vital for the functioning of modern society. It is simple: the stakes are high. However, they should not be blinded by this media-savvy topic. Other emerging technologies may be just as important.
As a consequence of the 5G upheaval, there may be (baby) elephants in the room that go largely unnoticed.
One of these is the use of good old GPS, a technology that has become vital for many activities in society. In fact, the United States Department of Homeland Security have found that fifteen out of eighteen of their Critical Infrastructure and Key Resources have some degree of dependency on GPS (especially timing based on GPS). The risks have proven to be real as there are indeed many vulnerabilities: in the summer of 2019, Iran likely (this is still unproven) misled a British oil tanker to sail into Iranian waters by using fake GPS signals. Iran could therefore easily capture the oil tanker in the wake of the geopolitical situation they were in with the United Kingdom.
Alternatives are in the making, and it looks like China’s BeiDou has the best cards to win this game. The difference between the Chinese BeiDou and American GPS is the fact that BeiDou may operate as a two-way communication system. This means that China might be able to determine the location of those retrieving their own location. More importantly, they are able to shut down their services locally. Especially in turbulent geopolitical times, this is frightening.
Another (baby) elephant is the emergence of Artificial Intelligence in many aspects of daily life. Although the use of AI is still in its infancy, in the coming years we may witness a rapid rise in e.g. the use of voice and facial recognition. This will lead humankind into the next level of ease of use and the most probable scenario is that many of us will simply become addicted to using AI-powered applications. Moreover, algorithms make vital decisions that impact our lives. More and more, they have a guiding effect on our behaviour. One important driver is the so-called automation bias: in automated environments, we seem to have unwavering faith in technology, ranging from accepting suggestions from a spell checker to a pilot that trusts the technology in his cockpit. As a result of the rise of AI, the developers who control the code of the algorithms behind these applications may become just as powerful as the companies that are now in the spotlight for dominating 5G networks.
All things considered, this means that a good strategy for security should stretch beyond current hot topics. We must also keep a close watch on new elephants in the room before they get the chance to stampede through the porcelain.
© 2021 KPMG N.V., een Nederlandse naamloze vennootschap en lid van de wereldwijde KPMG-organisatie van onafhankelijke ondernemingen gelieerd aan KPMG International Limited, een Engelse vennootschap “limited by guarantee”. Alle rechten voorbehouden.