SAS, sweet SAS – 10 minute mail

As you may already know from our social network posts, we have rescheduled the SAS 2020 conference for November 18-21 due to the COVID-19 pandemic and to ensure your safety. Though we still think that Barcelona is a great place to meet and it will not be a “real” SAS if we cannot hug, shake hands and touch beer glasses in that beautiful city, we cannot just leave it all until November. That is why we invite you to SAS at Home, a series of webinars scheduled to kick off very soon, on the 28th-30th of April.

For each of the three days, we have prepared presentations and master classes by world-renowned information security experts, who will share their expertise, best practice and tricks. We will be talking about APT groups, zero-day vulnerabilities and exploits, sophisticated attacks, and the state of the information security industry. As for master classes, Igor Kuznetsov will cover some of the most useful techniques for reverse engineering malware during his webinar, Static Binary Analysis: The Essentials. And that is just one example. Last but not least, Eugene Kaspersky himself will deliver a keynote address in the good old SAS tradition.

To learn more about SAS at Home, follow us on Twitter and Instagram. Do not miss your chance to spend your self-isolation days as usefully as possible and meet the world’s top information security experts, even if not in person. See you all at SAS at Home!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

YARA webinar follow up | Securelist – 10 minute mail

If you read my previous blogpost, “Hunting APTs with YARA” then you probably know about the webinar we’ve done on March 31, 2020, showcasing some of our experience in developing and using YARA rules for malware hunting.

In case you’ve missed the webinar or if you attended and want to re-watch it, you can find the recording here:

As requested by many of you, we are also making the slides available through SlideShare:

Unfortunately, we were forced to cut short the broadcast as we were running out of time. Nevertheless, we received a number of interesting questions and as I promised, I will try to answer them below. Thanks to everyone who participated and appreciate all the feedback and ideas!

YARA webinar – questions

  1. Can you share the presentation? (multiple)

    Sure, please find the link above for SlideShare.

  2. Hi Costin! what is the point of writing a rule on the exploit and not about the vulnerability? (from Ari)

    Hi Ari, hope you guys are doing well! In this case, we are trying to hunt an unknown 0day exploit, therefore, we don’t know which vulnerability it exploits. The only thing we can try to hunt for are the artifacts that the exploit developer left in his older exploits of the same kind (in this case, Silverlight). For more details, please see our blogpost: The mysterious case of CVE-2016-0034: the hunt for a Microsoft Silverlight 0-day.

  3. I’ll add an xml-based switch to show Imphash in lowercase, in pestudio! (from Marc)

    Thanks Marc, appreciated, and sorry for mispronouncing your last name! Everyone, in case you aren’t already using Pestudio for your initial malware assessment, go check it out.

  4. “Your italian is pretty good man / your italian is not so bad / Your italian is great 🙂 ” – various amici

    Thank you! Perhaps not surprisingly, Romania used to be a Roman colony 2000 years ago, which is why our languages are so similar. Wishing you guys all the best, stay safe and stay healthy!

  5. When you are looking or other languages, does the “pe.language” catch all hexbyte formats? (I.e. UTF-8 and UTF-16 will show mandarin characters in different hex bytes) (from Jono)

    That’s a good question. In reality, pe.language actually cycles through all the resources in the PE file and returns true if the language of at least one resource matches the one you are looking for. So it doesn’t really searching for any characters in the file, only using the metadata from the resource section.

  6. Can please explain “not for all i” in criteria – from Rohit, referring to the generic YARA rule from example 3
    Indeed, this is one tricky rule. Just to make it easier, I’m showing the solution below:

    In essence, the rule works as follows: first, the version_info structure field named “CompanyName” should contain “Microsoft”, which means the file is claiming to be from Microsoft. Secondly, it needs to be signed with a digital certificate, so pe.number_of_signatures should be larger than 0. Finally, we check if there is at least one issuer for all the certificates used to sign the file that is not Microsoft nor VeriSign. Why “not for all”? Well, it’s a reverse logic – for all the certificates, we want to make sure the signatures are either from Microsoft or VeriSign. If at least one sig is found that is not from these two, the file is suspicious. Another way to do this would be to keep “and for all” and apply the not inside the loop, switching the “or” for an “and”. (because not (a or b) ==not a and not b)

  7. Do you have any open source database of good and benign files to test against false positives? (from Ramon)

    Hey Ramon, thanks for the question! Please turn to slide 37 for advice on how to build a benign sample set for QA and false positives testing.

  8. When you specify the “filesize” attribute within your rule – what denomination do you target? Bytes, Kilobytes, Megabytes etc…? (from James)

    By default, the filesize is expressed in bytes, so 200000 would be 200000 bytes. The YARA syntax also supports KB and MB, with KB multiplying by 1024 and MB by 2^.20.

  9. Would you recommend using the xor modifier now for this stuff? (from John) referring to slide 39:

    In particular, the example on the right side is from Shamoon2 samples, where some of the strings would be XOR’ed by a one byte key which kept changing from sample to sample. Interesting enough, YARA supports the “xor” modifier, since version 3.8 (or so). However, the xor modifier is always applied last, so for our case above, it would work, as the zeroes in the wide strings would be xor’ed as well! Therefore, we need to bruteforce the strings and use them like in the case above, if zeroes are not xor’ed.

  10. How long does it take to scan your full collection with a normal YARA rule? (from Juan Aleister-Crowley)

    The entire Kaspersky malware collection, which is possibly one of the largest in the world, takes between 1 and 2 weeks to scan entirely, on a cluster of a few hundred computers. However, in most case, we resort to scanning subsets, such as recent samples or known APT samples already tagged by our robots, which takes between minutes and up to a day or two.

  11. What is your experience of using matching on the PE Rich Header? (from Axel)

    Good question! While in theory the pe module could allow for creation of rules that match on the decrypted Rich header, we haven’t played much with that. This is however something we’ve explored in connection to the Hades APT attack on the Winter Olympics and the associated false flag that relied on the Rich header from a Lazarus sample.

  12. What are some best practices around managing a collection of YARA rules? Rules harvested from the web as well as the ones internally developed. Are there any specific tools dedicated to maintaining such a collection? Do you just use Git? (from V)

    Hey V, thanks for the question! This is indeed one of the trickiest things and I have to admit that I do not know of a perfect solution yet. Indeed, there are some YARA management frameworks, but I can’t say I’m a big fan of any of them in particular. I do use Git for this purpose, but I also lack a nice visual interface that would allow me to search, edit and run them against samples with a click.

  13. Better speed if checking the file size before the rules? (from Damien)

    That’s a good question. According to Victor, the condition is evaluated by a decision tree, so the order is not necessarily the one that you put in the syntax. To be honest, I do prefer to put the filesize check first, perhaps for “superstition” reasons 🙂

  14. Here is a question “5 of ($b*)” means “any 5 of ($b*)” or “first 5 of ($b*)” (from Yerbol)

    Indeed, that means any (sub-)group of five $b strings.

  15. Hi, why is important and good indicator to use PDB paths in a YARA sigs? (from Adrian)

    Based on our experience, PDB paths, in particular unique looking folder names from PDB paths, are very good for detection of future malware from the same author. For example, taking an EternalBlue scanner from Omerez, that is used by the CobaltGoblin group, it has the following PDB inside:
    C:OmerezProjectsEternal BluesEternalBlueScannerobjReleaseEternalBlues.pdb
    A YARA rule that matches on “C:OmerezProjects” could find other tools from the same author.

If you have more questions about the YARA webinar, please feel free to drop us a line in the comments box below or on Twitter: @craiu.

P.S. Special note for those trying to do the iOS/MacOS homework – if you write the rules but don’t have access to a platform to run them for hunting purposes, please drop us a note at: yarawebinar [at] kaspersky.com

Thanks and stay safe!
Costin


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Hunting APTs with YARA | Securelist – 10 minute mail

For the past few years, we have been spreading our knowledge and experience of using YARA, often called a pattern matching swiss knife for malware researchers (and everyone else). Most of the time, this took the form of the Kaspersky training course titled, “Hunting APTs with YARA Like a GReAT Ninja”. The first YARA training session of that kind took place in February 2016, on the beautiful islands of Tenerife. We have had hundreds of participants attend sessions in over a dozen countries since then.

Our next YARA training session was scheduled to take place in Barcelona, during SAS 2020, however, the global situation and the spread of the novel 2019 coronavirus disease, aka COVID-19, forced us to postpone both the conference and the training.

Meanwhile, we have been receiving a lot of requests to make our YARA hands-on training available to more people. We are working on this and we should soon be able to provide it as an online training experience. Stay tuned for updates by following us on Twitter: @craiu @kaspersky.

With many people working from home and spending even more time online, it is also likely the number of threats and attacks will increase as well. Therefore, we have decided to share some of the YARA experience we have accumulated during recent years, in the hope that all of you will find it useful for keeping threats at bay.

So, if you have wondered how to leverage YARA better and how to achieve a new level of knowledge in APT detection, mitigation and response, it all boils down to a couple of secret ingredients and lots of work. While the work is up to you, we can help a bit with a preview of the secret ingredients.

Long story short:

When: March 31, 14:00 GMT
Where: BrightTalk – https://kas.pr/z2o2
Who: Security researchers and incident response personnel, malware analysts, security engineers, network security analysts, APT hunters and IT security staff

During the webinar, we will demonstrate examples of real-world hunting rules we have developed internally at GReAT. For instance, these allowed us to find zero-days in-the-wild, financial APT tools, malware targeting crypto-investors, or APT tools that sabotage and tag SSL traffic.

For researchers, knowledge of YARA opens up several interesting opportunities:

  • First of all, this can be a great starting point for a carrier in threat intelligence.
  • It can help you make your day-to-day work more efficient.
  • You can start hunting for APT samples on platforms such as VirusTotal. All major APTs’ tools have been uploaded on VirusTotal at some point in time; one just needs knowledge and some luck to find those needles.
  • You can start hunting for APTs on your office/home computers, which might bring some interesting, and sometimes, surprising, results.

For organizations, this webinar will be useful if they commonly deal with problems, such as:

  • Managing multiple YARA rulesets from various sources; understanding which rules are good enough for detection, which ones are good for hunting and which ones should be avoided
  • Testing for false positives
  • Using YARA for incident response
  • Enhancing your SOC
  • How to keep calm and start using YARA with KLara.

Last but not least, if you want to share feedback or if you have #yara questions that you would like answered at the webinar, please feel free to drop us some comments on Twitter. See you on March 31!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Hunting APTs with YARA | Securelist – 10 minute mail

For the past few years, we have been spreading our knowledge and experience of using YARA, often called a pattern matching swiss knife for malware researchers (and everyone else). Most of the time, this took the form of the Kaspersky training course titled, “Hunting APTs with YARA Like a GReAT Ninja”. The first YARA training session of that kind took place in February 2016, on the beautiful islands of Tenerife. We have had hundreds of participants attend sessions in over a dozen countries since then.

Our next YARA training session was scheduled to take place in Barcelona, during SAS 2020, however, the global situation and the spread of the novel 2019 coronavirus disease, aka COVID-19, forced us to postpone both the conference and the training.

Meanwhile, we have been receiving a lot of requests to make our YARA hands-on training available to more people. We are working on this and we should soon be able to provide it as an online training experience. Stay tuned for updates by following us on Twitter: @craiu @kaspersky.

With many people working from home and spending even more time online, it is also likely the number of threats and attacks will increase as well. Therefore, we have decided to share some of the YARA experience we have accumulated during recent years, in the hope that all of you will find it useful for keeping threats at bay.

So, if you have wondered how to leverage YARA better and how to achieve a new level of knowledge in APT detection, mitigation and response, it all boils down to a couple of secret ingredients and lots of work. While the work is up to you, we can help a bit with a preview of the secret ingredients.

Long story short:

When: March 31, 14:00 GMT
Where: BrightTalk – https://kas.pr/z2o2
Who: Security researchers and incident response personnel, malware analysts, security engineers, network security analysts, APT hunters and IT security staff

During the webinar, we will demonstrate examples of real-world hunting rules we have developed internally at GReAT. For instance, these allowed us to find zero-days in-the-wild, financial APT tools, malware targeting crypto-investors, or APT tools that sabotage and tag SSL traffic.

For researchers, knowledge of YARA opens up several interesting opportunities:

  • First of all, this can be a great starting point for a carrier in threat intelligence.
  • It can help you make your day-to-day work more efficient.
  • You can start hunting for APT samples on platforms such as VirusTotal. All major APTs’ tools have been uploaded on VirusTotal at some point in time; one just needs knowledge and some luck to find those needles.
  • You can start hunting for APTs on your office/home computers, which might bring some interesting, and sometimes, surprising, results.

For organizations, this webinar will be useful if they commonly deal with problems, such as:

  • Managing multiple YARA rulesets from various sources; understanding which rules are good enough for detection, which ones are good for hunting and which ones should be avoided
  • Testing for false positives
  • Using YARA for incident response
  • Enhancing your SOC
  • How to keep calm and start using YARA with KLara.

Last but not least, if you want to share feedback or if you have #yara questions that you would like answered at the webinar, please feel free to drop us some comments on Twitter. See you on March 31!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Cybersecurity Research During the Coronavirus Outbreak and After – 10 minute mail

Virus outbreaks are always gruesome: people, animals or computer systems get infected within a short time. Of course, viruses spreading across our physical world always take priority over the virtual world. Nevertheless, everyone should keep doing their job, which includes all kinds of malware researchers, digital forensics experts and incident responders. At times like this, we all realize how important it is to be able to work remotely. However, the duties of a security researcher or a digital forensics expert pushes them to travel, visit victims or collect digital evidence in an ongoing hunt for malware artefacts. What can we do to reduce the need for travel? Of course, keep looking for replacement of our physical routines with remote ones.

It is about two and half years since we first open-sourced a tool for remote digital forensics called Bitscout. Born while I was with Digital Forensics Lab at INTERPOL, the tool has evolved and helped us in many cyberinvestigations. Based on the widely popular Ubuntu Linux distribution, it is packed with forensics and malware analysis tools created by a large number of excellent developers around the world.

What can it do? Well, we have tried to identify what it is that it *cannot* do and other expensive commercial tools used in digital forensics can. We have not really been able to find anything! Moreover, we have built so many new interesting techniques that are not available in commercial tools that it has every chance to replace commercial solutions in your organization if it gets into the right hands.

Let me just remind you about the approach we use in Bitscout:

  1. Bitscout is completely FREE, which helps reducing your forensics budget! Yay!
  2. It is designed to be remote, which also saves your time and money spent for travelling. And of course you can use the same techniques locally! To be frank, in light of the powers of all those forensic tools that are part of the toolkit, Bitscout itself is the least important element: the true value is in the knowledge of the underlying tools that you get access to by using Bitscout, not the product they ship with.
  3. Mastering Bitscout follows a steep curve, which, in the end, reinforces your experts’ technical foundations.
  4. Bitscout records remote forensics sessions internally, which makes it perfect for replaying and learning from more experienced users or using as evidential proof of discovery.
  5. It is fully open source, so you need not wait for the vendor to implement a patch or feature for you: you are free to reverse-engineer and modify any part of it.

Today, I am happy to announce that we are releasing a new version of Bitscout, based on the upcoming release of Ubuntu 20.04, scheduled for April 2020.

So, what is new in Bitscout 20.04 other than extended hardware support leveraging new OS and updated forensics tools from Canonical Ltd official repositories?

First of all, we have launched a project website at bitscout-forensics.info.

The website should become the go-to destination for those looking for tips and tricks on remote forensics using Bitscout and whatnot. In reality, Bitscout had been our internal tool for a long time and had been used only by a limited number of highly skilled researchers, who knew exactly how to use it. Yes, like many researchers, we lacked proper documentation and manuals which we will address with our new website. We have already linked several presentation videos and slides with live demos seen by security conferences and meetups. It is true that some of those commands we used in our demos are crazy long one-liners. So, to make it easy for you to copy them and try them out, we have started recording terminal sessions in ASCII video casts. Kudos to the awesome folks at asciinema.org! This way, should you want to try some of our black magic recipes, you can copy and paste them from a browser or a terminal into your own session.

Second, to address a popular request, we have released demo versions of three flavors of pre-built Bitscout images: minimal, balanced and full. This way, newcomers can easily try Bitscout without going through the whole build process. The download URLs for the ISO image files are available on the project website. However, please note they must not be used in a production environment.

Third, our little community of contributors keeps growing. I am happy to highlight some of the features contributed by others. Kudos to Xavier Mertens aka @xme!

  1. The following new tools from the security community are now part of Bitscout (full build) by default:
    • RegRipper,
    • Bulk Extractor,
    • Loki.

    It is great to have modern scanners such as Loki with an updated rich collection of Yara rules that comes with it.

  2. Optional logging of bash commands to a remote syslog server. This is particularly useful for environments where a Bitscout instance may be unexpectedly powered off or disconnected for a long time due to a network failure. It is also a great way to remember which commands you have run to find the clues.

And, if it feels hard for you to start using Bitscout, then join our training session on April 5-6 in the beautiful city of Barcelona, Spain. We will be demonstrating how to build your own Bitscout and customize it with your own tools, and of course walking you through the standard forensics procedure. Some of our advanced tasks include hypervisor debugging to overcome just about any type of proprietary full disk encryption. Our exercises will focus on the most popular platforms, covering Windows, Linux and macOS forensics challenges, along with some real malware. Stay safe and we hope to see some of you in Barcelona! Join us there!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Cybersecurity Research During the Coronavirus Outbreak and After – 10 minute mail

Virus outbreaks are always gruesome: people, animals or computer systems get infected within a short time. Of course, viruses spreading across our physical world always take priority over the virtual world. Nevertheless, everyone should keep doing their job, which includes all kinds of malware researchers, digital forensics experts and incident responders. At times like this, we all realize how important it is to be able to work remotely. However, the duties of a security researcher or a digital forensics expert pushes them to travel, visit victims or collect digital evidence in an ongoing hunt for malware artefacts. What can we do to reduce the need for travel? Of course, keep looking for replacement of our physical routines with remote ones.

It is about two and half years since we first open-sourced a tool for remote digital forensics called Bitscout. Born while I was with Digital Forensics Lab at INTERPOL, the tool has evolved and helped us in many cyberinvestigations. Based on the widely popular Ubuntu Linux distribution, it is packed with forensics and malware analysis tools created by a large number of excellent developers around the world.

What can it do? Well, we have tried to identify what it is that it *cannot* do and other expensive commercial tools used in digital forensics can. We have not really been able to find anything! Moreover, we have built so many new interesting techniques that are not available in commercial tools that it has every chance to replace commercial solutions in your organization if it gets into the right hands.

Let me just remind you about the approach we use in Bitscout:

  1. Bitscout is completely FREE, which helps reducing your forensics budget! Yay!
  2. It is designed to be remote, which also saves your time and money spent for travelling. And of course you can use the same techniques locally! To be frank, in light of the powers of all those forensic tools that are part of the toolkit, Bitscout itself is the least important element: the true value is in the knowledge of the underlying tools that you get access to by using Bitscout, not the product they ship with.
  3. Mastering Bitscout follows a steep curve, which, in the end, reinforces your experts’ technical foundations.
  4. Bitscout records remote forensics sessions internally, which makes it perfect for replaying and learning from more experienced users or using as evidential proof of discovery.
  5. It is fully open source, so you need not wait for the vendor to implement a patch or feature for you: you are free to reverse-engineer and modify any part of it.

Today, I am happy to announce that we are releasing a new version of Bitscout, based on the upcoming release of Ubuntu 20.04, scheduled for April 2020.

So, what is new in Bitscout 20.04 other than extended hardware support leveraging new OS and updated forensics tools from Canonical Ltd official repositories?

First of all, we have launched a project website at bitscout-forensics.info.

The website should become the go-to destination for those looking for tips and tricks on remote forensics using Bitscout and whatnot. In reality, Bitscout had been our internal tool for a long time and had been used only by a limited number of highly skilled researchers, who knew exactly how to use it. Yes, like many researchers, we lacked proper documentation and manuals which we will address with our new website. We have already linked several presentation videos and slides with live demos seen by security conferences and meetups. It is true that some of those commands we used in our demos are crazy long one-liners. So, to make it easy for you to copy them and try them out, we have started recording terminal sessions in ASCII video casts. Kudos to the awesome folks at asciinema.org! This way, should you want to try some of our black magic recipes, you can copy and paste them from a browser or a terminal into your own session.

Second, to address a popular request, we have released demo versions of three flavors of pre-built Bitscout images: minimal, balanced and full. This way, newcomers can easily try Bitscout without going through the whole build process. The download URLs for the ISO image files are available on the project website. However, please note they must not be used in a production environment.

Third, our little community of contributors keeps growing. I am happy to highlight some of the features contributed by others. Kudos to Xavier Mertens aka @xme!

  1. The following new tools from the security community are now part of Bitscout (full build) by default:
    • RegRipper,
    • Bulk Extractor,
    • Loki.

    It is great to have modern scanners such as Loki with an updated rich collection of Yara rules that comes with it.

  2. Optional logging of bash commands to a remote syslog server. This is particularly useful for environments where a Bitscout instance may be unexpectedly powered off or disconnected for a long time due to a network failure. It is also a great way to remember which commands you have run to find the clues.

And, if it feels hard for you to start using Bitscout, then join our training session on April 5-6 in the beautiful city of Barcelona, Spain. We will be demonstrating how to build your own Bitscout and customize it with your own tools, and of course walking you through the standard forensics procedure. Some of our advanced tasks include hypervisor debugging to overcome just about any type of proprietary full disk encryption. Our exercises will focus on the most popular platforms, covering Windows, Linux and macOS forensics challenges, along with some real malware. Stay safe and we hope to see some of you in Barcelona! Join us there!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

5G technology predictions 2020 | Securelist – 10 minute mail

It is estimated that data will reach 175 zettabytes worldwide by 2025, up from 1.2 zettabytes in 2010, when 4G was first being deployed globally. 5G is known as the fifth generation cellular network technology. It is expected to be as much as 100 times faster than the present 4G systems, with up to 25 times lower latency or lag time, and as many as one million devices supported within one square kilometer. The foundation of 5G can be summarized in five technologies: millimeter waves, small cell networks, massive MIMO (multiple input multiple output), beamforming, and bytes full duplex.

With the dramatic increase in the amount and transfer speed of connected devices comes a natural expansion and amplification of the threats. The evolution, development and connectivity of numerous systems within 5G opens the door to numerous threats, which can be summarized as follows.

Vulnerabilities of telco services and infrastructure

As 5G innovations spread, more shortcomings and imperfections will show up in 5G gear, customer frameworks and administration by authorities. This could enable an attacker to damage or bring down a telco infrastructure, spy on its clients or divert its traffic. Governments need to set up nationwide capabilities to utilize objective and specialized confirmation techniques to evaluate both 5G adopters and suppliers, to discover faults and stipulate fixes.

User safety and privacy concerns

On the privacy side, matters become more complex. The advent of 5G with its short range will definitely mean more cell communication towers being deployed into commercial centers and buildings. With the right toolset, someone could collect and track the precise location of users. Another issue is that 5G service providers will have extensive access to large amounts of data being sent by user devices, which could show exactly what is happening inside a user’s home and at the very least describe via metadata their living environment, in-house sensors and parameters. Such data could expose a user’s privacy or could be manipulated and misused. Service providers may also consider selling such data to other service companies such as advertisers in an attempt to open up new revenue streams. In some cases, vulnerabilities could cause injuries or ill health, for instance, if a client’s therapeutic gadgets are disconnected and not operational. The potential threats will be even greater when critical infrastructure components such as water and energy equipment are put at risk.

Critical infrastructure expansion and risks

5G will assist in spreading communication to a larger number of geographical areas than at present. It will also equip non-networkable gadgets with remote monitoring and control. However, increasing numbers of connected systems like this will no longer be non-critical infrastructure, expanding our exposure to risk. People are being enticed to adopt convenience and non-stop communications, but the related threats could pose public safety risks.

Action plan

5G is going to have a revolutionary impact on telecommunications because, in addition to the technology itself, it is going to become a basis for other technologies and inventions, giving way to technological advances, particularly in the fields of smart cities, intelligent power grids and defense facilities. It is the next generation of cellular network using the existing 4G LTE in addition to opening up millimeter wave band. 5G will be able to welcome more network-connected devices and considerably increase speeds for all users.

However, as with every major technology, especially while it is evolving, 5G is likely to draw the attention of threat actors looking for opportunities to attack it. We may, for instance, see large-scale DDoS attacks, or challenges in terms of protecting a sophisticated network of connected devices whereby the compromise of one device can lead to a whole network crashing. In addition, 5G is developing technology on top of the previous infrastructure, which means it will inherit the vulnerabilities and misconfigurations of its predecessor.

Furthermore, the communication trust model will not be identical to previous cellular generations. IoT and M2M devices are expected to occupy a greater portion of the network capacity. The interaction of all these devices in the 5G network will likely trigger unprecedented issues in product design and device behavior. Given these fears and the political challenges, encouraging a zero-trust network model and strict product quality compliance would help build trust between the technology adopters and providers.

Government and industry leaders should join forces to promote secure and safe 5G technology projects to enhance the services and quality of life for citizens of smart cities. Furthermore, the communication trust model will be different from previous cellular generations.

IoT and M2M devices are expected to occupy the 5G network bandwidth, and the interlinkage of all these devices in the 5G network will reveal previously unknown problems in the design and behavior of 5G. With regards to such worries and the additional political disputes, adopting a zero-trust network model and strict quality assessment along with compliance would help shape the relationship between the technology adopters and providers.

Hi-tech vendor and governmental structures should join forces to prevent the exploitation of 5G by threat actors and preserve its innovative features for technical progress and improving the quality of living conditions.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.