Back to Blog
The Cybersecurity Risks of AI and 5G

connected 5g city

As 5G continues to roll out across the globe, it promises a hyperconnected world with fast downloads and low latency. These benefits of 5G in turn mean more complex systems—AI powered systems like smart cities and autonomous vehicles—are no longer the stuff of sci-fi fantasy, but technology that will be available to the average consumer in the near future. 

Moving from Centralized to Distributed AI

AI has been around since 1955, just a decade after Von Neumann first described the stored-program architecture in 1945. The first proof of concept for what we know today as AI was created by scientists Allen Newell, Cliff Shaw, and Herbert Simon through their program, the Logic Theorist. This program allowed computers to mimic human problem-solving skills and strategies. 

AI systems are highly complex, software-heavy applications, but they can be boiled down to a few basic components: an engine that processes data and sends commands, training data that provides data points for that engine to learn from, and the device that carries out the commands the engine creates. 

For example, a Nest thermostat is able to set a user’s preferred temperature by analyzing and learning from the user’s behavior. Eventually, it is able to predict that the user likes to set the temperature 10 degrees cooler at night, and the AI engine will then send a command to the thermostat to lower the temperature at the same time every day. 

Most of the AI applications that we have seen since the technology’s inception over 60 years ago have been Centralized AI. Centralized AI describes the scenario in which the engine that processes the data and sends a set of commands based on that data isn’t in the device it is commanding, but rather it is centralized on a dedicated server.  In the case of the Nest thermostat, the data processing and command sending is not done by the thermostat itself, but by the Nest centralized cloud service that all Nest products and applications are connected to.

That all changes with 5G because 5G will enable Distributed AI (DAI). DAI isn’t a new concept, but 5G will support the adoption of DAI at a much higher rate than previous network generations because of its increased bandwidth or reduced latency. 

Distributed AI makes systems work smarter, not harder

5G makes the proliferation of AI a reality because the network is allowing for the expansion of smart sensors. By 2025, 41.6 billion IoT devices are expected to be connected to the new network. From those devices, billions of sensors will provide contextual training data that DAI systems require to function. 

Centralized AI uses standard training data to learn and requires millions of data points in order to function properly. Those millions of data points are stored in a centralized location, like a data cloud, which communicates back and forth between the AI devices. 

The concept of DAI and the use of contextual training data—or data that is shared not from a centralized location but from one device to another—was first introduced by Google in 2017. Google presented the notion (which they dubbed Federated Learning) of a device downloading the training data, and then improving upon that data by learning from the data stored on the device. Then, the improved data is sent back to the cloud to update the original training data set. 

With 5G and its ability to proliferate more connected devices, this method of constantly improving  and sharing training data on a distributed platform leads to faster and better decision making. The savings of a couple seconds or even milliseconds might not seem to have the biggest impact, but when AI systems are making decisions in things like autonomous vehicles, quick and correct decisions are a matter of human safety. 

Another benefit of DAI is that it won’t require as much data to work because it learns through interaction and communication with other systems. AI will still require a significant amount of data to process and learn from, but DAI means that it won’t require quite as much data as Centralized AI does. 

Essentially, DAI gives more context to the data that the engine is processing through its interactions with the data on the device as well as other devices that are connected to the same network. Think of it like learning a new language through textbooks versus moving to the country where that language is spoken and having to interact with native speakers. You’re a lot more likely to learn the language better, and faster, than sitting in a classroom and conjugating verbs.

Complex & vulnerable software requires defense-in-depth

The ability of 5G to support billions of connected devices has been touted as one of the greatest benefits of the next-gen network. The hyperconnected world of 5G will of course allow for complex applications and advanced systems, but it also creates an environment ripe for cyberattacks. As we’ve said before, with every new connected device that joins the network, a new inlet for attack is also created.  For example, an attacker can exploit a software vulnerability on something as seemingly innocuous as a connected printer, to then gain access to the network and target more advanced systems. 

Let’s consider a smart factory has multiple complex systems, as well as simple, unassuming devices, all connected to the same 5G network. For the purposes of this example, we’ll pick an innocuous device like a printer in the back office of the factory. Let’s also say the application software running on that printer has a common vulnerability, like a buffer overflow. On the factory floor, a variety of systems connected to 5G are also in use, things like industrial sensors and self-driving forklifts. Because both the autonomous forklift and the printer are connected using the same network, an attacker could exploit the buffer overflow in the software on the printer to gain access to the network and seek out the autonomous forklift to do anything from denial of service to controlling it entirely. 

A seemingly harmless, but insecure, device like a printer can give an attacker the ability to access any other device on the network and wreak havoc. Whether that’s damaging millions of dollars equipment or endangering the safety of the humans working in that smart factory.

This is just one hypothetical situation that illustrates the need for robust, defense-in-depth cybersecurity. The same scenario described above, would not happen if the printer had been secured using each layer of the cybersecurity stack. For example, a printer with CoreGuard protecting it would have entire classes of software vulnerabilities, including buffer overflows, entirely protected against.

Download Now - The Cybersecurity Stack: How to Secure Embedded Systems with a Defense-in-Depth Approach

 

The risks associated with 5G devices using AI applications are even more dangerous when we consider the fact that the military is likely to be connecting to the same 5G network. Then an insecure 5G network with insecure devices moves from being a cybersecurity risk to an issue of national security.

AI-enabled devices using 5G have the potential to do everything from having Siri show us a nearby coffee shop faster, to making smart cities and fully self-driving cars the norm. But any revolutionary technology requires a revolutionary approach to protecting it. 

To learn more about how Dover’s CoreGuard technology provides the cybersecurity ingenuity that 5G demands, click here.

 

Share This Post

More from Dover

PublishedOctober 28, 2020

5G is often touted for its consumer benefits. Everything from better, more reliable cell phone service to the proliferation of self-driving cars are made possible with 5G. However, the high speed, greater bandwidth, and lower latency of the 5G...

CoreGuard