5G Networks Must Be Secure and Reliable

Jim Baker
Wednesday, March 13, 2019, 10:31 AM

5G promises to revolutionize how people use technology. From transportation to health care to entertainment, the way people interact with wireless internet devices will change substantially. And as 5G enables data to be transmitted much more quickly, the number of devices connected to the internet will likely explode, producing massive economic benefits for those who can quickly take full advantage of the new technology.

Cell tower at sundown (Source: Flickr/Carl Lender)

Published by The Lawfare Institute
in Cooperation With

5G promises to revolutionize how people use technology. From transportation to health care to entertainment, the way people interact with wireless internet devices will change substantially. And as 5G enables data to be transmitted much more quickly, the number of devices connected to the internet will likely explode, producing massive economic benefits for those who can quickly take full advantage of the new technology.

But 5G poses huge risks for society as well. As people become more dependent on wireless communications and generate even more data about what they are doing, the adoption of 5G will bring with it substantial national security, cybersecurity and privacy risks. These risks must be mitigated appropriately in order to protect the interests of the United States and its allies.

China is committed to overtaking the United States as the predominant world power and is developing a range of strategies to achieve that goal—especially with regard to advanced technology such as 5G. Countries and companies that successfully deploy 5G first will learn how to efficiently and reliably operate such networks, gaining significant practical advantages over competitors. To remain competitive, then, the United States and its allies cannot fall substantially behind China in 5G implementation.

However, rapid deployment is not enough; it is also critical that 5G networks be both reliable and secure.

To fulfill their true promise, 5G networks need to work reliably all the time. Networks cannot have transmission failures, latency problems or gaps in coverage if, for example, 5G is being used to control a wide range of autonomous vehicles or to conduct medical diagnosis and procedures remotely. Moreover, critical infrastructure operated by the private sector, public safety officials and the military must run on reliable 5G networks.

Just as crucially, 5G networks—and the devices connected to them—must include appropriate cybersecurity features. Such features must be able to prevent malicious actors from stealing data transmitted, processed or stored on such systems; from using network-connected devices to attack other devices; and from degrading or disrupting the network itself. To do otherwise would be to let the race to 5G turn into a cybersecurity and privacy apocalypse.

In the rush to implement 5G, network security and reliability are not receiving enough attention in some discussions regarding the right way to foster 5G development. Already, various proposals on the table seem hastily crafted. For example, some observers have proposed that the government nationalize 5G networks, which does not seem wise from either an economic or a technical perspective.

In a recent piece in Newsweek entitled “If China Dominates 5G, It Will Control the Future,” former Speaker of the House Newt Gingrich highlights both the huge potential in advanced 5G networks and the threat posed by China. Gingrich rightly asserts that the United States should rely on its strengths—its “culture of innovation, the power of price discovery, and deep and liquid financial markets”—to address this threat. But he then criticizes incumbent U.S. carriers—presumably big providers such as AT&T, Verizon, Sprint and T-Mobile—as moving too slowly and “deceptively” rebranding their 4G networks as 5G.

Instead of supporting nationalization or reliance on the current wireless providers, Gingrich appears to suggest some type of wholesale open-access plan, which may involve the government creating or selecting a single organization to act as a central market distributor of the 5G spectrum. Other companies—presumably including large network providers such as AT&T, Verizon, Sprint and T-Mobile, as well as smaller companies—would then bid on portions of the spectrum. Thus, the system would distribute the spectrum to a larger number of companies, enabling the wholesaler to make substantial profits. Gingrich proposes that this wholesaler make:

shared spectrum available for a carrier-neutral, wholesale-only, nationwide 5G network to be built in the next two to three years across the entire country. This could be a kind of wireless moonshot (but with private capital) that will spur microelectronics manufacturing here at home, accelerate the deployment of next-generation networks, and show the world that Chinese wireless dominance is not inevitable.

The proposal has already sparked debate. Wharton School professor Kevin Werbach promotes the wholesale open-access concept, explaining its origins and some of the politics behind it in a very informative op-ed in the New York Times. Meanwhile, Brendan Carr, a commissioner at the Federal Communications Commission, views Gingrich’s proposal as tantamount to adopting China’s command-and-control business model—in which central government planners make decisions rather than relying on free markets—and rejects it on that basis. In turn, Gingrich has rejected Carr’s critique of his proposal.

What worries me most about Gingrich’s proposal is the lack of clarity about whether his nationwide 5G network would promote security and reliability. If the U.S. cannot be sure that the open-access concept will result in secure and reliable 5G networks, then that concept is fundamentally flawed and should not be pursued.

While working at Verizon, I learned that designing, building and running massive networks like those owned by Verizon, AT&T, Sprint and T-Mobile is very, very hard. Such networks are incredibly complex and require vast investments of financial and human capital to develop. They require a herculean effort to build and operate securely and reliably. Many skilled technicians are required to keep everything working continuously. Network providers also need to make sure that they can connect their systems to those of other providers around the world in a seamless way. Therefore, decisions about changes to these networks need to be made carefully and with an eye on the long-term.

Given these facts, it is simply unrealistic to think that newcomers will be able to jump in and deliver secure and reliable 5G in the time horizon that Gingrich suggests—two to three years. Smaller companies, such as MCI, certainly have disrupted the telecommunications market in the past, but any realistic proposal for facilitating 5G deployment must admit that this is hard to do successfully. This is exactly the kind of situation that would create a substantial security and reliability risk: 5G infrastructure operated under an open-access plan by companies with little or no experience running complex networks.

I don’t pretend to have the perfect solution to the 5G/China challenges that the former speaker and others correctly highlight. The rollout of 5G across the country faces many impediments, including the fact that all network providers—even in a wholesale open-access system—can’t just add 5G infrastructure to existing towers and be done with it; they will have to obtain permission from a plethora of state and local governments in order to install the many necessary 5G small wireless facilities. National legislation might help in this regard, although that clearly raises questions regarding state and local jurisdiction that need to be considered carefully.

But regardless of whether the 5G network is rolled out on a national level or built piece by piece by private companies, no network will allow the U.S. to take full advantage of this rising technology unless the network’s providers prioritize reliability and security. Supporters of the open-access concept need to explain how they will achieve those objectives.

Jim Baker is a contributing editor to Lawfare. He is a former Deputy General Counsel of Twitter, the former General Counsel of the FBI, and the former Counsel for Intelligence Policy at the U.S. Department of Justice. In that latter role, from 2001-2007, he was responsible for all matters presented to the U.S. Foreign Intelligence Surveillance Court. The views expressed do not necessarily reflect those of any current or former employer.

Subscribe to Lawfare