At a critical security meeting, papers warned that the high-speed 5G communication network can be used by intermediaries and agents to link crimes like drug trafficking, human and organ trafficking, money laundering, and terror financing.

Some Indian Police Service personnel presented papers during the recently finished DGP/IGP conference, attended by Prime Minister Narendra Modi.

According to the papers, the 5G network is built on open Internet protocols and inherits all the flaws of previous generations, making it vulnerable to cyberattacks and degrading system security.

The IPS officers who wrote the papers recommended proactively developing a reserved 5G bandwidth and highly secured equipment for sensitive government communications and military use, and only approved and authenticated firms with the lowest cyber risk or highest safety protocols should be allowed to work for government agencies.

'Because real-time 5G networks are making cryptocurrencies and decentralised banking systems more popular, it will be hard to track the links and money.

The papers said that 5G could be a great way for middlemen and agents to make connections for crimes like drug trafficking, organ and human trafficking, money laundering, funding terrorism, etc.

Last week's three-day annual conference was attended by the prime minister, the Union Home Minister Amit Shah, the National Security Adviser Ajit Doval, and about 350 of the country's top police officers.

The core of the 5G network is made up of open and easy-to-use Internet protocols like HTTP and Transport Layer Security (TLS). In a Network-Slicing environment, the cyber security of each sub-network will be different.

The encryption keys for radio interfaces are sent over routes that are not secure. IDOR, or 'Insecure Direct Object Reference,' is one type of vulnerability that could happen.

The papers said, 'Cyberattacks can happen on the Telco cloud, which can make the network and data stored in the cloud less safe.'

Because of network function virtualization (NFV), criminals can use or carry out attacks to get to target lists of phone numbers and even change them.

5G has some improvements that make it possible to control things like drones, robotic surgery, etc. from a distance, but criminals can also use this to their advantage.

Edge computing is another problem with 5G. This is when processing is done at decentralised nodes close to the user network that talk to each other.

This makes it harder for security organisations to gather data because there is no central point through which data can flow.

The papers said that 5G can support millions of AI-based Internet of Things (IoT) and devices per square kilometre. This means that cybercriminals will have a lot more places to attack.

The papers said that it might be easier to commit cyber crimes like mobile network mapping, distributed denial of service, battery draining, service degradation, mobile IMSI capture, malware injection, CnC creation, intercepting communication, DNS spoofing, uplink and downlink impersonations, etc.

'During the first part of the transition, future 5G networks will have the same security flaws as the last generation.'

During the next standardisation process, there is a chance that end-to-end encryption (E2ER) will be added to the standard. This is a problem for law enforcement agencies.

The IPS officers wrote that the companies that make 5G equipment will try to sell the valuable data to marketers for targeted advertising. This should be watched to make sure it doesn't get into the wrong hands.

The only way to protect this new ecosystem that 5G has made is with all-around cyber security. Everything should be seen as a possible attack point, from the core devices to the network layers, IoTs, and the user's phone or appliances.

As a safety measure, the IPS officers said that consumers need to learn more about IoT security and that equipment should only be bought from trusted sources, not places like China.

'The network carriers need to use a hybrid cloud-based system in which delicate data is kept regionally and less sensitive information is stored in the cloud. Network operators need to be aware of the need for their infrastructure to be resilient to things like power cuts, natural disasters, misconfiguration, etc 'they said.