Rising Security Concerns in the Telecom Industry
The Telecom industry keeps the world connected. From private communications to business interactions, it is an intrinsic part of our daily lives, and we take many elements for granted. Be it via the phone, across the internet, over airwaves, or cables, this sector makes it possible to communicate in rapid time anywhere around the world. From satellite companies, internet providers, telephone corporations, the infrastructure behind these organizations makes it feasible for all our videos, audio, and text to be sent worldwide, which aids development in practically every industry.
‘Telecom Service Revenue Worldwide Equates to 1,130bn euros’ – Statista
As technology has developed in recent years, our world has grown, and as the threat landscape has changed, cyber-attacks specifically against the telecom industry are soaring. Given that this industry controls a vast majority of complex and critical national infrastructure, the impact of a successful attack is not only significant but extensive.
In this blog, we aim to advise on the current risks and highlight potential future threats concerning the telecommunication industry and explain how providers can use Threat Intelligence to help protect their digital environments and critical infrastructure from emerging cyber threats.
But protecting telecom infrastructure is far from easy. The industry understands that no threat can be tackled in isolation and that threat actors will continue to exploit vulnerabilities in adopted technologies to achieve their goals.
Key Security Issues
Telco is often the first line of defense, and the majority of Governments, including the UK, uses critical national infrastructure such as British Telecommunication (BT). The problem is, when people think of Telco’s, they often associate this with organizations such as Virgin Mobile or EE. These are not Telco’s. These are mobile phone operators. BT is the landline that most mobile phone operators pay a little bit to because they are the ones controlling the pipes.
BT does their own cyber defense, and governments view that as the provider, BT is the one controlling the pipes going in, so they can also keep it clean and secure. BT runs these pipes, and these pipes travel under the sea, tunneling under beaches, up through maintenance holes, to provide internet to the masses. With each maintenance hole and each line, there are multiple fiber entry points, all in need of continual security maintenance.
Telecommunication threat maps and cyber risk systems are merging. The speed and storage capabilities required are endless. Telecom operators are transforming themselves from network companies to cloud service companies to improve business operations efficiencies, roll out new services and applications, and store and distribute content.
As telecoms are often a gateway into multiple businesses, threats can either target a specific telecom company, its third-party providers, or a telecom service’s subscribers. These attacks come in a variety of forms. Below are some of the most common attack vectors.
IoT
One of the most significant challenges for Telco’s and Internet Service Providers (ISPs) in the current climate is how the Internet of Things (IoT) will impact the industry. IoT has skyrocketed in terms of its application with connected devices, creating more entry points in the process. Not all these points are patched properly, and they leave accounts for users, clients and companies exposed.
‘47% of the most vulnerable devices are security cameras installed on home networks, followed by smart hubs (15%), like Google Home and Amazon Alexa, and network-attached storage devices (12%).’ – GDPR PrivSec Report
Insider Threats
While some attacks are vindictive, an issue within telecom is that many employees/insiders are completely unaware that they are a threat in the first place. Few within the industry receive training in cybersecurity measures. And with over 30% of people now working remotely, connections to unsecured networks are higher than ever.
‘Empirical evidence of unsecured Wi-Fi risks is worrying — not only because many applications do not encrypt transmitted data but also because people continue to use the networks.’ ( Factors Influencing Users to Use Unsecured Wi-Fi Networks: Evidence in the Wild. Nissy Sombatruang, Lucky Onwuzurike, Angela Sasse, Michelle Baddeley.)
Third-Party Risk
Third parties, including vendors, partners, e-mail providers, service providers, web hosting, law firms, data management companies, and subcontractors, could easily be a backdoor into crucial infrastructure for attackers to infiltrate. Maintaining your company’s security, your company’s safety, and the security of the providers involved in the business can be tricky. That’s why managed security services are essential to monitoring all elements of a given network.
DDoS
DDoS, including advanced distributed reflection denial of service (DrDoS) using standard network protocols and botnets consisting of compromised mobile and IoT devices, are prevalent. Clients of Telco’s expect services to run seamlessly 24/7. Any interruption or outage that affects the quality of service can result in significant financial losses.
A recent example includes an attack on telecom operators in North America, who were ‘reportedly hit by a Distributed Denial of Services Cyberattack in what is believed to be touted as the largest cyber-attack launched telecom operators of America to date. And reports are in that the attack caused cell phone network disruptions in states like Florida, Georgia, New York, Atlanta, Chicago, Miami, Fort Lauderdale, Los Angeles, California, and Houston Texas.’ Reports Cyber Security Insiders.
Terrorism and State Actors
Via remote infiltration, bad actors can control physical elements that can influence critical infrastructure and manipulate outcomes. As well as acquire valuable intelligence on intellectual property, trade agreements, and personal data.
These are just a handful of threats. There are many more vulnerabilities that telecommunication providers must look out for. Including…
- Services misconfiguration.
- Compromising subscriber’s credentials or devices using social engineering, phishing, malware.
- Long-term espionage campaigns.
Some of these attacks are aimless and come from low-level criminals, but telecom providers are often targeted by highly sophisticated threat groups in many cases. As a result, there is a good chance that many successful telecom infrastructure breaches are never detected at all.
What Now?
Safeguarding against threats, reducing the attack surface, and security systems of large, complicated, and multifaceted organizations is not a quick fix. Cost is also a contributing factor, as many organizations have limited resources and are unable to secure their devices, systems, people, and processes internally.
This is what Managed Security Providers (MSP’s) provide. With the right threat intelligence, telecommunication companies can enhance their business profile, make business decisions based on accurate data, and empower their security team to quickly and accurately address cyber threats and mitigate them in rapid time.
Digital Risk and Threat Monitoring can be used to harvest information available on the dark web, deep web, and in the public domain, to provide superior security and visibility to identify and highlight attacks, detect breached material and safeguard data, people, and processes against future threats within the industry.
