
Today’s Cyber Security Threats in the Telecom Industry

March 23, 2016 — by Snir Ben-Shimol

Today, the telecom industry provides a wide array of global services that communicate with millions of customers.

This diverse business ecosystem is fraught with increasingly frequent cyber risks. It demands a commitment to cybersecurity that focuses on highly trained personnel, up-to-date solutions, and the right tools to detect, analyze, and respond to threats.

 

“Telecommunication biggest issue was and will be Denial of service”
–PWC communications-review-July-2015

The Past

Telecommunication industry solutions are usually required to handle unique types of protocols such as VoIP, SIP, SS7, etc. Those protocols need security controls, as they are popular vectors for attackers targeting telecom companies. Ten years ago, mostly governmental organizations and global agencies could challenge and hack those protocols. However, with today’s hacking tools and knowledge, combined with the low price of dedicated hardware, cyber criminals and hacktivists are a new major risk within the threat landscape.


Image Source: Willis Towers Watson Wire

When talking about external attack vectors, two unique vectors need to be taken into consideration, mainly related to telecom equipment manufacturers.

One is SCADA security, as industrial control systems, which monitor and control industrial processes that exist in the physical world, can be a major risk. The second unique vector is the security of telecom equipment. During the past year, security vulnerabilities in telecom devices increased dramatically, and they now make up a big part of the threat landscape.

The Present with a Look to the Future

Telecommunication threat map and cyber risk systems such as voice and IP networks are merging. The speed and storage capabilities required are endless. Denial-of-service attacks are one of the top priorities for mitigation, as telecom companies must protect themselves and their customers. Actors can execute complex attacks on BGP routing protocols, SS7, or DNS infrastructures. There is a critical need for “Always on” services, especially for telecom companies providing cloud-based solutions for organizations and clients over the Internet. Alongside the growth of the Internet of Things (IoT), companies require cyber risk mitigations for zero-day attacks and multiple vectors.

“As telecoms pivot toward a more digital future, they will very likely encounter entirely new types of cybersecurity risks to data, applications, and networks.”
– according to the findings from The Global State of Information Security® Survey 2015.


Image Source: PWC


Cloud security can lead to privacy worries

Telecom operators are transforming themselves from network companies to cloud service companies to improve efficiencies in business operations, roll out new applications and services, and store and distribute content. Industry awareness of cloud security and cyber risks is enormous.

According to PWC’s latest survey and analysis, only 50% of telecom companies have a security strategy for cloud computing. One of the pitfalls that amplifies cyber risk is “shadow IT”, meaning the purchase of cloud services by business leaders without the involvement of IT.

“In 2014, 60% of telecommunications respondents said they employ some form of cloud computing, up from 50% in 2013.”

Cloud computing has been a prerequisite for IoT from the very early days of its evolution, serving as the core environment for IoT deployments. Because the IoT market is directly connected to upcoming services and solutions required from the telco industry, strong security measures are a must to ensure that those cloud-based services remain unharmed and that the “Always-On” requirement is preserved.

IoT as a new risk surface

IoT-enabled devices and the rollout of 5G will challenge telcos to face a surge in data usage, raising their ARPU (average revenue per user), and at the same time they will also have to deal with privacy and infrastructure security concerns.


Image Source: EY

IoT as a new vector of bandwidth consumption – Thousands of sensors or actuators trying to communicate with a single server will create a flood of data traffic, which can easily bring down the server.

Threat Intelligence Aspects

The players within the telecommunication cyber arena are governments (NSA, FBI (USA), Mossad (IL), China), well-funded hacktivists (who mostly launch DDoS attacks), and many other attackers who target one of the millions of clients purchasing services from the telecom company. They will hack the telecommunication provider in order to damage that specific client, which means that more clients bring more attacks.

The motivation for launching such attacks could be spying on devices and customer activities from single or multiple points, global fraud campaigns, network crashes, and denial of service for thousands of customers.

The Solution

Many global telecommunication companies are relying on Radware as their front line of defense against different attacks related to the telecom sector. From known network flood attacks to highly complex BGP and VoIP multi-vector, high-volume attacks, Radware solutions and services can provide a full scale of protection, with the ability to customize for the organization’s technology, protocols, and needs.

Click here to learn more about how we helped protect VimpleCom from Attack.


Snir Ben-Shimol

Snir is the leader of Radware’s R&D cyber security research group. Snir has over 10 years of experience in application security and software development, specializing in web applications and mobile security, cloud-based services, and security assessment management. Snir is responsible for security research and innovation activities for Radware’s Web Application Firewall and Defense-Pro solutions. Before joining Radware, he was in charge of large organizations’ cyber security planning, performing security assessments and leading a red team group for penetration testing, code review, secure design, and spear-phishing campaigns.

2 comments

  • direct mail marketing

    June 13, 2016 at 4:39 pm

    This is really fascinating, You are an excessively skilled blogger.

    I’ve joined your rss feed and sit up for in the hunt for more of your excellent
    post. Additionally, I have shared your site in my social
    networks


  • Emily Stone

    October 7, 2016 at 10:33 am

    Some great insights here, data traffic should be delivered over secure internet lines remotely.
