main

Service Provider

Protecting Against Narrowband IoT Security Risks

August 1, 2019 — by Eyal Yaron0

NBIOT-960x636.jpg

Narrowband internet of things (NB-IoT) is a low power wide area network (LPWAN) radio technology standard developed by the 3rd-Generation Partner Project (3GPP) to enable a wide range of cellular devices and services. 

NB-IoT focuses on low cost, long battery life and high connection density. NB-IoT uses a subset of the long-term evolution (LTE) standard but limits the bandwidth to a single narrowband of 200kHz.  In March 2019, the Global mobile Suppliers Association (GSA) announced that over 100 operators have deployed/launched either NB-IoT or long-term evolution for machines (LTE-M) networks.

NB-IoT Security Risks

The NB-IoT network design enables efficient connectivity of mass numbers of connected user equipment (UE), reducing the network overhead associated with every connection request. The new design encapsulates the required data payload (as telemetry data) into the signaling link connection, reducing the need of opening a dedicated bearer (i.e., GTP tunnel) for every single small amount of metering information sent from the network.

The network devices connected over the NB-IoT network are manufactured at a very low cost and can run up to 10 years on a pre-installed battery. The NB-IoT devices serve as sensors or remote telemetry units and are controlled by external services — IoT platforms — that schedule their activity and manage their life cycle through operational control and remote software updates. A single UE on NB-IoT has a very low network footprint and is not a major security risk on its own.

[You may also like: IoT Expands the Botnet Universe]

The risks hidden in NB-IoT devices come from their scale. There is a strong potential for orchestrating denial-of-service (DoS) attacks by harnessing a cluster of devices to send unplanned communication toward designated victims. Such communication can not only cause service interruption on the victims’ servers but also can impact the service provider network and result in service degradation due to a signaling load preventing other non-infected devices from sending their telemetry data or failing to respond to their control requests.

NB-IoT Risks and the IoT Service Economy

The IoT services offered by a service provider are challenged by a very low income per connection compared with regular service plans. We can see examples of IoT connectivity sold at $1 per month, whereby the price point aims to address a market potential of 3.5 billion cellular IoT connections by 2025, including 1.9 billion licensed LPWA connections.

[You may also like: Securing the Customer Experience for 5G and IoT]

With such an aggressive price per connection, service providers require careful selection of technologies that will impact the operating costs per connection. Although security is an important factor in the overall capital investment, the challenging economy of IoT network connectivity prices is also a huge consideration.

Protecting Against NB-IoT Risk

When service providers approach the task of planning a solution to help protect against NB-IoT risks in the network, they face several design questions:

  • Should they track individual device operational metrics just to understand when a single device changes its regular behavior?
  • How do they define, and should they define, what is “regular” device behavior? How do they measure the behavior of an individual device compared to a group of devices?
  • Can they incorporate such massive data processing tasks in the low-compute footprint (and cost structure) that business economics dictates?
  • Can they avoid detecting legitimate communication as malicious traffic?
  • Can they eliminate the additional staff work required to maintain and operate such a solution?

[You may also like: Consolidation in Consumer Products: Could it Solve the IoT Security Issues?]

The above challenges can be realized with the following solution requirements:

  • A system based on self-learning of the behavior of NB-IoT devices
  • A solution that reuses existing telemetry streams
  • A software-based, low footprint, distributed solution that allows cost-effective, network-wide deployments
  • A solution based on automated flows in response to security event detection
  • Integration with the existing service provider’s network infrastructure security such as DoS protection and web application firewalls (WAFs)

Even with the best day-one network authentication in place and rigorous IoT-type approval processes managed by the carrier, there will always be unavoidable risks. So much so that such large-scale and varied IoT device communities will become a security liability and a cause of major service interruptions — not only to the compromised IoT devices and services owners, but also to the rest of the customers using the same network resources.

In the competitive economy of mobile carriers, such risks should be avoided before detrimental effects reach beyond the network’s performance and health and result in other negative business consequences.

[You may also like: Don’t Be A “Dumb” Carrier]

Solutions for such IoT risks can be designed and deployed as an overlay solution on top of existing network infrastructure without considerable effort, which will ultimately help the service provider realize new revenue streams while providing peace of mind for its enterprise customers.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

DDoS AttacksService Provider

Detecting and Mitigating HTTPS Floods…Without Decryption Keys

July 23, 2019 — by EdenAmitai0

https-960x686.jpg

What is an HTTPS flood attack? Why is everybody talking about it these days? And is it really such a big threat?

HTTPS flood attack is a generic name for DDoS attacks that exploit SSL/TLS protocols over HTTP communications. Lately, we’ve been hearing much about this specific type of DDoS attack and other SSL/TLS attack vectors; according to our 2018-2019 Global Application & Network Security report, encrypted web attacks were the most commonly reported form of application layer attack in 2018.

And with regards to the last question, there is a simple answer: YES.

The Benefits of Encryption

We all know that encryption is being used almost everywhere today, with more than 70% of the web pages worldwide loaded over HTTPS. Encryption lets us enjoy many of benefits while being connected: We can securely send our private credentials to our bank, shop easily on Amazon without worrying whether our credit card details will be intercepted, and we can text safely and transfer files with peace-of-mind.

[You may also like: HTTPS: The Myth of Secure Encrypted Traffic Exposed]

Basically, by using encryption, or SSL/TLS in more technical jargon, we enjoy authenticity (meaning, to know the source of traffic), integrity (meaning, to know that no one tampered with the data between the two end-points), and of course, confidentiality (encryption turns data into a cypher-text using symmetric and asymmetric key exchanges).

It sounds so good, shut up and take my money!

A Fly in the Ointment

Indeed, data encryption gives us tremendous power over data transfer, but there is a fly in the ointment. All of these incredible capabilities require many system resources, and thus attract hackers and cyber criminals who wish to wreak havoc.

When it comes to the destination server or an organization’s server, the SSL/TLS connection requires even greater amounts of allocated resources – 15 times more than from the requesting host to be exact.

[You may also like: Why You Still Need That DDoS Appliance]

In other words, if a group knows how to manipulate the protocols and vulnerabilities inherent in it, they can cause significant damage by running powerful encrypted DDoS attacks. 

Now, there is only one option for organizations that wish to protect against HTTPS DDoS attacks: They must protect their network and infrastructure with dedicated, sophisticated devices that can detect and mitigate HTTPS DDoS attacks.

An Evolving Solution

Traditional protection devices require a copy of the SSL certificates (or keys) in order to decrypt the packets that are being transmitted through the device. However, while doing so, they damage user privacy (especially in the era of GDPR and other worldwide privacy regulations) and add latency. And needless to say, if not handled properly, the process can create additional security risks. What’s more, traditional devices are stateful and thus themselves vulnerable to DDoS attacks.

For service providers and carriers, whose security policies prevent them from holding their network tenants’ decryption keys, this is problematic. Without their network tenants’ keys, traditional off-the-shelf solutions are ineffective.

[You may also like: DDoS Protection Requires Looking Both Ways]

So, how can service providers properly protect their tenants from cyber attacks?

Keyless protection against HTTPS flood attacks based on stateless architecture is ideal for service providers and carriers. Such a solution not only eliminates operational complexity that comes with managing decryption keys, but protects against SSL-based HTTP DDoS attacks at scale without adding latency or compromising user privacy.

Read “The Trust Factor: Cybersecurity’s Role in Sustaining Business Momentum” to learn more.

Download Now

Service Provider

Network Slicing: Not As Dicey As You Might Think!

May 30, 2019 — by Eyal Yaron0

5GNetworkSlice-960x640.jpg

Every now and again, we hear a new technical term that requires a cursory Google search to make sure we are current with the times. Sometimes new terms are just recycling old concepts. Right now “Network Slicing” is en vogue, promising to help enable the evolution of modern networks. 

At its core, it involves the ability to run multiple virtual networks across a shared physical infrastructure – essentially a separation of data plane and control plane. We have seen these before, for example in Software Defined Networking (SDN) and Network Functions Virtualization (NFV), both of which are inextricably linked to network slicing. Although often used concurrently in 5G discussions, network slicing is, in fact, an architecture paradigm that can exist outside of 5G and provide immense value for service providers in terms of efficient implementation of value-added services that can be monetized as revenue.

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Dedicated Virtual Networks

Network slicing aims to isolate specific application traffic into a dedicated virtual network, whereby each slice carries specific application traffic such as IoT Telemetry or Automotive. Having an isolated virtual network enables different use cases to have unique network characteristics to a diverse end-user community. It also provides an opportunity to match allocated resources for the slice to expected usage patterns and specific value-points of the end-user services.

An example of a slicing application is telemetry sensors. Telemetry sensors that are required to send data every 12 hours may settle for high latency values, low bandwidth, and centralized compute services in the cloud. An industrial IoT which controls the manufacturing floor will require low latency and local compute with high-bandwidth at the far edge. In this case, building a network which is required to share both of the services will not be efficient and will create unbalanced costs. Imagine if you had to build an 8 lane high-way and let bicyclists ride it occasionally!

[You may also like: 5G Security in an API-Driven Economy]

Cyclists vs. Autos

But with network slicing, the service provider can offer a different connectivity based on a dedicated slice, which ensures the service offerings do not overlap. In our example, that would be one road crafted only for cyclists and a different road for autos. Having a dedicated slice (e.g. road) can keep costs and expected revenues better aligned; for example, we assume in our analogy that a truck driver will pay more compared to a motorcyclist.

With respect to slicing implemented around the topic of network security in particular, service providers can offer a security posture that gives them the best chance to keep costs in check while keeping the network safe and affordable to operate. 

For more information on this, come hear Radware’s Eyal Yaron speak at 5G World Congress in ExCeL, London on June 12. Details for Eyal’s panel can be found here.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

5G Security in an API-Driven Economy

May 15, 2019 — by Travis Volk0

5G_API-960x640.jpg

Over the last six years, solution architects have been designing the transformation of Service Provider’s networks to significantly reduce the timing of service and feature deployment lifecycles, standardizing on real-time service provisioning, consumption and end user autonomy.  This challenge has been in parallel to delivering highly scalable and cost effective solutions. 

These solutions, along with automation, are addressing emerging security challenges while extending tailored outcomes to individual lines of business and customers. The result is better security, user experiences and a broader addressable market. 

So how does this hard work improve our execution of 5G transformations? 

All About Those Apps

First, the fully automated software delivery model allows us to address the complexity of a widely distributed architecture in a repetitive model.  Network and security alignment improves resource allocation while optimizing consumption-based delivery from edge systems. 

[You may also like: The Necessary Burden of 5G Security]

The “edge” may have more than one meaning in this discussion, as service delivery platforms are no longer constrained to a single autonomous system. This flexibility leads Service Providers to a new era of content management and monetization as applications are deployed across numerous computing platforms to minimize latency. 

It is important to appreciate that these capabilities are all made possible because of application-to-application dialog that transpire over APIs.  Traditionally, application and API exposure had been constrained to IDC infrastructure. This meant that a secure DC or security gateway framework was used to harden the exposure of numerous applications in the same physical location. All of these applications communicated to the internet via a common path. In the scope of security design, this was a relatively easy problem to address. 

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Now, take a step back to the previous ideology of 5G and it jumps out at you that API and application protections become a key component in modern edge security. 

From Security Zones to Network Slices

It is also interesting to recognize that traditional volumetric defense for infrastructure protection is changing rapidly.

Anomalous traffic easily evading netflow detection has been eroding precious core resources for too long.  When security functions are built into the network, attacks are automatically addressed locally, avoiding back-hauling attacks and driving efficiency back into the core. This highly scalable infrastructure protection strategy also serves as a point of escalation for more sophisticated or persistent attacks seen in gateways, applications and APIs. 

As we transition from security zones to network slices, this multi-tiered approach further lends itself to the decomposition of highly intelligent machine learning algorithms deployed contextually for the relevant protocols and applications. 

[You may also like: Safeguarding 5G Networks with Automation and AI]

As an example, IoT anomaly detection on the access edge requires very different algorithms than used for detecting attacks from the internet thru the peering edge. When we speak about application and API protection, protecting a mobile application requires entirely different techniques than addressing behavioral analysis for fraudulent account abuse. Having the ability to protect, adapt and optimize attack lifecycle management in cooperation with the orchestration layer for end-to-end security has been our greatest achievement in modern security design.

The Modern Landscape

Maybe the punchline is becoming obvious at this point but addressing end-to-end security with the ability to escalate application abuse to the edge of the system in a widely distributed architecture has become a modern landscape requirement. 

[You may also like: How to Prevent Real-Time API Abuse]

Automation is working on our behalf to drive agility into engineering, provisioning, billing and operations. With predefined workflows, analysts enjoy alert-driven processes and/or fully automated protection strategies designed to meet the high availability demands throughout a complex system.

If you track my work at all, you will appreciate that I have dedicated the last twenty years designing highly adaptive services.  If you are curious how you too can maximize security revenue across multiple lines of business, please reach out in the comment section below; service creation is one of my favorite points of discussion. 

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

The Necessary Burden of 5G Security

May 14, 2019 — by Eyal Yaron0

5gburden-960x495.jpg

Today’s infrastructure threats will have major impacts on tomorrow’s 5G commercial networks. 5G network slicing, virtualization and disaggregation introduce new levels of complexity to network security, requiring a high-level of automation in security on-boarding, scale-out and attack mitigation.

5G security is absolutely required to be thought about in a Day 1 network build and ‘weaved’ into the network architecture. Otherwise, the immense job of re-architecting the network afterward will be a cost-prohibitive exercise.

Service providers are faced with a necessary burden of managing security threats in the 5G network.

Your ‘Typical’ Security Solution

A typical network security solution will include several security elements, such as firewalls, DDoS protection devices, IPS/IDS, etc. Each system may require its own domain expertise when it comes to proper configuration and tuning. When a carrier-grade network slice is under attack, dedicated expertise is required for handling changes and setting the proper mitigation actions. With the new paradigm of 5G network slicing coming onto the scene in a highly distributed network, carrier security teams will be challenged.

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Service providers are already in a precarious position of creating healthy profit margins with the onslaught of over-the-top data and video traversing their networks. New revenue streams are tough to come by, and so the other lever available to influence margins is cost control. However, the cost economics do not scale well when contemplating an increase in security staff to prepare for 5G. The new attack vectors are just too complex and too high in volume to adequately address with a bloated Security Operations Center (SOC) of just human oversight and management. 

Stronger Visibility

What makes more sense is adoption of a comprehensive security solution used across all network slices to benefit from ease of management and SOC skill sets.

Vendor technology designed around the concept of self-learning with respect to threat detection not heavily dependent on pre-configured rules is the ideal toolkit for service providers. Minimal setup and configuration lower the overall carrier security team effort around system operation. Now, instead of manual provisioning and troubleshooting, the SOC specialist can look at a dashboard to see what was detected by the system and what mitigation actions took place to defend against malicious threats to the system.  This yields strong visibility into network security threats across all network functions and slices.

[You may also like: Here’s How Carriers Can Differentiate Their Offerings]

In the new 5G security play, the various security functions are on-boarded per slice in alignment to the required network capabilities and desired distribution. The total investment in security computing resources and licenses aligned with the network slice investment allowing carrier better control on the risks and the costs associated with specific network slice.

Automated attack mitigation capabilities provide the security team with ‘peace of mind’ that all ‘war time’ actions are taken care of in automated manner with no manual intervention by security administrators. 

So although 5G carries with it very challenging security issues, service providers can be proactive in creating a security posture that gives them the best chance to keep costs in check while keeping the network safe.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

SecurityService Provider

Bot Management: A Business Opportunity for Service Providers

April 30, 2019 — by Radware0

BotManagementSP-960x540.jpg

Over half of all internet traffic is generated by bots — some legitimate, some malicious. These “bad” bots are often deployed with various capabilities to achieve their nefarious objectives, which can include account takeover, scraping data, denying available inventory and launching denial-of-service attacks with the intent of stealing data or causing service disruptions. Sophisticated, large-scale attacks often go undetected by conventional mitigation systems and strategies.

Bots represent a clear and present danger to service providers. The inability to accurately distinguish malicious bots from legitimate traffic/users can leave a service provider exposed and at risk to suffer customer loss, lost profits and irreparable brand damage.

In an age where securing the digital experience is a competitive differentiator, telecommunication companies, management services organizations (MSOs) and internet service providers (ISPs) must transform their infrastructures into service-aware architectures that deliver scalability and security to customers, all the while differentiating themselves and creating revenue by selling security services.

[You may also like: Bot Managers Are a Cash-Back Program For Your Company]

Bot Traffic in the Service Provider Network

Bot attacks often go undetected by conventional mitigation systems and strategies because they have evolved from basic scripts into large-scale distributed bots with human-like interaction capabilities. Bots have undergone a transformation, or evolution, over the years. Generally speaking, they can be classified into four categories, or levels, based on their degree of sophistication.

The four categories of malicious bots.

In addition to the aforementioned direct impact that these bots have, there is the added cost associated with increased traffic loads imposed on service providers’ networks. In an age of increased competition and the growth of multimedia consumption, it is critical that service providers accurately eliminate “bad” bots from their networks.

[You may also like: The Big, Bad Bot Problem]

Staying ahead of the evolving threat landscape requires more sophisticated, advanced capabilities to accurately detect and mitigate these threats. These include combining behavioral modeling, collective bot intelligence and capabilities such as device fingerprinting and intent-based deep behavioral analysis (IDBA) for precise bot management across all channels.

Protecting Core Application from Bot Access

Bots attack web and mobile applications as well as application programming interfaces (APIs). Bot-based application DoS attacks degrade web applications by exhausting system resources, third-party APIs, inventory databases and other critical resources.

[You may also like: How to Prevent Real-Time API Abuse]

IDBA is now one of the critical capabilities needed to mitigate advanced bots. It performs behavioral analysis at a higher level of abstraction of “intent,” unlike commonly used, shallow “interaction”-based behavior analysis. IDBA is a critical next-generation capability to mitigate account takeovers executed by more advanced Generation 3 and 4 bots, as it leverages the latest developments in deep learning and behavioral analysis to decode the true intention of bots. IDBA goes beyond analyzing mouse movements and keystrokes to detect human-like bots, so “bad” bots can be parsed from legitimate traffic to ensure a seamless online experience for consumers.

API Exposure

APIs are increasingly used to exchange data or to integrate with partners, and attackers understand this. It is essential to accurately distinguish between “good” API calls and “bad” API calls for online businesses. Attackers reverse engineer mobile and web applications to hijack API calls and program bots to invade these APIs. By doing so, they can take over accounts, scrape critical data and perform application DDoS attacks by deluging API servers with unwanted requests.

Account Takeover

This category encompasses ways in which bots are programmed to use false identities to obtain access to data or goods. Their methods for account takeover can vary. They can hijack existing accounts by cracking a password via Brute Force attacks or by using known credentials that have been leaked via credential stuffing. Lastly, they can be programmed to create new accounts to carry out their nefarious intentions.

[You may also like: Will We Ever See the End of Account Theft?]

As its name suggests, this category encompasses an array of attacks focused on cracking credentials, tokens or verification codes/numbers with the goal of creating or cracking account access to data or products. Examples include account creation, token cracking and credential cracking/stuffing. Nearly all of these attacks primarily target login pages.

The impact of account takeover? Fraudulent transactions, abuse of reward programs, and damage to brand reputation.

Advertising Traffic Fraud

Malicious bots create false impressions and generate illegitimate clicks on publishing sites and their mobile apps. In addition, website metrics, such as visits and conversions, are vulnerable to skewing. Bots pollute metrics, disrupt funnel analysis and inhibit key performance indicator (KPI) tracking. Automated traffic on your website also affects product metrics, campaign data and traffic analytics. Skewed analytics are a major hindrance to marketers who need reliable data for their decision-making processes.

[You may also like: Ad Fraud 101: How Cybercriminals Profit from Clicks]

The Business Opportunity for Service Providers

Regardless of the type of attack, service providers are typically held to high expectations when it comes to keeping customer data secure and maintaining service availability. With each attack, service providers risk customer loss, brand reputation, lost profits and at the worst, costly governmental involvement and the resulting investigations and lawsuits.

These same business expectations apply to service providers’ customers, many of whom require security services. Although large organizations can attempt to develop their own in-house bot management solutions, these companies do not necessarily have the time, money and expertise to build and maintain them.

Building an adaptive bot mitigation solution can take years of specialized development. Financially, it makes sense to minimize capex and purchase a cloud-based bot mitigation solution on a subscription basis. This can help companies realize the value of bot management without making a large upfront investment.

Lastly, this allows service providers to protect their core infrastructure and their own customers from bot-based cyberattacks and provides the opportunity to extend any bot management solution as part of a cloud security services offering to generate a new revenue stream.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

5G: You Can Have Your Slice and Security Too!

April 25, 2019 — by Louis Scialabba1

5g_slice-960x667.jpg

We have heard it before. Another generation of mobile architecture is upon us and we are euphoric for all the cool things we can do more of.  And of course good marketers will swear that you can lasso the moon if you have enough money to pay for it.

Let’s inspect 5G for what it really is, save the hype.  It is an upgrade in the mobile architecture that pushes new computing elements and services closer to the edge in order to scale and improve network performance.  The 5G specifications rely on virtualized and distributed network functions that span across remote locations, and is heavily dependent on robust, secure interworking between remote and local virtualized network functions. 

5G also opens the network to new services using IT protocols and Open APIs – the latter of which introduces significant additional liability on the responsibility of the carrier network security owner.

I’ll Take a Slice of That

The “Network Slicing” concept in 5G aims to isolate specific application traffic into a dedicated virtual network. Each slice carries the traffic originating from a specific application, such as IoT Telemetry and Autonomous Vehicles, Smart City and Smartphone. Each application has its unique network traffic pattern and requires specific security policies. Having an isolated virtual networks brings security benefit and limits security risk impact to the specific slice.

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

Sharpening the Edge

With this new network paradigm based on service-based architecture (SBA), the previous 3G and 4G network element boxes transformed into a cloud of micro-services functions, distributed and disaggregated based on the carrier coverage needs and specific applications deployed in the carrier network. The new architecture exposes many internet interfaces in various network segments from the core peering link up to the far-edge compute to address scale and low-latency requirements.

Such mass exposure of external internet interfaces significantly raises the cyber security threat level. IoT and its applications running at the far edge provides new services based on vast usage of open, published interfaces based on HTTP\2.  On one hand, this enables openness and service agility, and on the other, extensive exposure to attacks tools and tactics using publicly available information to wreak havoc on network infrastructure and services. 

In other words, the new 5G security perimeter has widened and expanded far beyond what we are familiar with in LTE and 3G world.

A Call to Arms

A typical network security solution will include various security elements such as firewalls, DDoS protection, web application firewall, etc. Each system may require its own domain expertise when it comes to proper configuration and tuning. When a carrier network is under attack, dedicated expertise is required for handling changes and setting the proper mitigation action.

With the new reality of network slicing and highly distributed network functions carrier security teams will be overburdened unless they employ an automated, self-learning defense mechanism. With the current telecom carriers, the economics of an increase in security staff is not an option when moving toward 5G – it just doesn’t scale from a cost-perspective and it puts human engineers at a disadvantage to ever-increasing machine-based bot attacks. 

[You may also like: Here’s How Net Neutrality & Wearable Devices Can Impact 5G]

Automation as Table Stakes

A comprehensive security solution used across all network slices benefit from ease of management and required team expertise. Security vendors must design security products around the concept of self-learning, which is essentially threat detection not heavily dependent on pre-configured rules. 

Minimal setup and configuration is required in 5G to lower carrier security team effort around system operation.  An automated attack mitigation capability provides security teams with ‘peace of mind’ that all attack time actions taken care without manual intervention by security administrators, with strong visibility into network security threats across all network functions and slices.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

SecurityService Provider

Out of the Shadows, Into the Network

April 9, 2019 — by Radware1

darkness-960x540.jpg

Network security is a priority for every carrier worldwide. Investments in human resources and technology solutions to combat attacks are a significant part of carriers’ network operating budgets.

The goal is to protect their networks by staying a few steps ahead of hackers. Currently, carriers may be confident that their network security solution is detecting and mitigating DDoS attacks.

All the reports generated by the solution show the number and severity of attacks as well as how they were thwarted. Unfortunately, we know it’s a false sense of well-being because dirty traffic in the form of sophisticated application attacks is getting through security filters. No major outages or data breaches have been attributed to application attacks yet, so why should carriers care?

Maintaining a Sunny Reputation

The impact of application attacks on carriers and their customers takes many forms:

  • Service degradation
  • Network outages
  • Data exposure
  • Consumption of bandwidth resources
  • Consumption of system resources

[You may also like: How Cyberattacks Directly Impact Your Brand]

A large segment of carriers’ high-value customers have zero tolerance for service interruption. There is a direct correlation between service outages and user churn.

Application attacks put carriers’ reputations at risk. For customers, a small slowdown in services may not be a big deal initially. But as the number and severity of application attacks increase, clogged pipes and slow services are not going to be acceptable. Carriers sell services based on speed and reliability. Bad press about service outages and data compromises has long-lasting negative effects. Then add the compounding power of social networking to quickly spread the word about service issues, and you have a recipe for reputation disaster.

[You may also like: Securing the Customer Experience for 5G and IoT]

Always Under Attack

It’s safe for carriers to assume that their networks are always under attack. DDoS attack volume is escalating as hackers develop new and more technologically sophisticated ways to target carriers and their customers In 2018, attack campaigns were primarily composed of multiple attacks vectors, according to the Radware 2018–2019 Global Application & Network Security Report.

The report finds that “a bigger picture is likely to emerge about the need to deploy security solutions that not only adapt to changing attack vectors to mitigate evolving threats but also maintain service availability at the same time.”

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

Attack vectors include:

  • SYN Flood
  • UDP Flood
  • DNS Flood
  • HTTP Application Flood
  • SSL Flood
  • Burst Attacks
  • Bot Attacks

Attackers prefer to keep a target busy by launching one or a few attacks at a time rather than firing the entire arsenal all at once. Carriers may be successful at blocking four or five attack vectors, but it only takes one failure for the damage to be done.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile DataMobile Security

Here’s How Net Neutrality & Wearable Devices Can Impact 5G

March 28, 2019 — by Mike O'Malley0

5GNetNeutralityDevices-960x540.jpg

AT&T and Verizon are committed to an aggressive, multi-city roll out plan in a race to be the first carrier to implement national 5G deployment. We see this competition play out almost daily in the news: AT&T’s “5G E” is slower than Verizon 4G,  Verizon declares 5G war on AT&T, Verizon inks a deal with the NFL to bring 5G to stadiums, and so forth. And yet, despite this newsworthy competition between telecom giants, we still have a limited understanding of the benefits and risks of 5G.

There are the obvious benefits – faster service, for one – and risks, like insufficient security infrastructure. But what about other, less considered factors that can impact 5G (both positively and negatively), such as net neutrality and wearable devices? How do they play into the risks and rewards of this communications (r)evolution?

Net Neutrality

Currently, net neutrality in the U.S. is embroiled in partisan politics and it’s unclear whether these regulations will be reinstated. But operating under the current status, in which net neutrality rules are suspended, service providers stand to profit from 5G.

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

As we’ve previously discussed, 5G allows for service providers to “slice” portions of a spectrum as a customizable service for specific types of devices and different customer segments—and without net neutrality, carriers can conceivably charge premium rates for higher quality of service. In other words, service providers could profit by charging select industries that require large bandwidth and low latency – like healthcare and manufacturing, for example – higher premiums.

This premium service/premium revenue model represents a significant ROI for carriers on their 5G infrastructure investment. Not only does slicing provide flexibility for multi-service deployment, it enables the realization of diverse applications on that physical resource, which helps recoup cost for the capital investment.

[You may also like: Don’t Be a “Dumb” Carrier]

However, because implementation will be patchy, with initial focus on high-density, urban areas (versus rural populations), the so-called digital divide may very well deepen, not just for consumers but for rural industries like healthcare and agriculture as well.

Wearable Devices

IoT devices have outpaced the human population for the first time in history. And 5G will undoubtedly  fan the flames of interest in wearable devices, due to its projected speed and availability of data.  

While these devices can certainly make life easier, and even potentially healthier (think about the ECG app on the Apple Watch!), they also carry enormous risk. Why? Because they’re hackable – and they contain a treasure trove of sensitive data, like your location, health stats, and more. And the risk doesn’t only impact the individual wearing an IoT device; enterprises are likewise at risk when their employees wear devices at work and transmit data over office WiFi.    

[You may also like: Securing the Customer Experience for 5G and IoT]

What’s Next?

With the ever-changing nature of internet regulations and the explosion of wearable devices, security must be top-of-mind for service providers. Not only is security advantageous to end users, but for the carriers as well; best-of-breed security opens the possibility for capturing new revenue streams.

No matter the complexity of securing 5G networks, there are solutions. For example, service providers should consider differentiated security mechanisms, offering security as a service to vertical industries, and segregating virtual network slices to safeguard their networks. And of course, let the (security) experts help the (carrier) experts.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile SecurityService Provider

Here’s How Carriers Can Differentiate Their 5G Offerings

February 28, 2019 — by Mike O'Malley0

5g-960x636.jpg

Much of the buzz surrounding this year’s Mobile World Congress has focused on “cool” tech innovations. There are self-driving cars, IoT-enhanced bee hives, smart textiles that monitor your health, realistic human chatbots, AI robots, and so forth. But, one piece of news that has flown relatively under the radar is the pending collaboration between carriers for 5G implementation.

A Team Effort

As Bloomberg reported, carriers from Vodafone Group Plc, Telecom Italia SpA and Telefonica SA are willing to call “a partial truce” to help each other build 5G infrastructure in an attempt “to avoid duplication and make scarce resources go further.”

Sounds great (who doesn’t love a solid team effort?!)…except for one thing: the pesky issue of competing for revenue streams in an industry fraught with financial challenges. As the Bloomberg article pointed out, “by creating more interdependent and overlapping networks, the risk is that each will find it harder to differentiate their offering.”

[You may also like: Securing the Customer Experience for 5G and IoT]

While this is certainly a valid concern, there is an obvious solution: If carriers are looking for differentiation in a collaborative environment, they need to leverage security as a competitive advantage.

Security as a Selling Point

As MWC19 is showing us in no uncertain terms, IoT devices—from diabetic smart socks to dairy milking monitors—are the way of the future. And they will largely be powered by 5G networks, beginning as early as this year.

Smart boot and sock monitor blood sugar, pulse rate, temperature and more for diabetics.

Which is all to say, although carriers are nervous about setting themselves apart while they work in partnership to build 5G infrastructure, there’s a huge opportunity to differentiate themselves by claiming ownership of IoT device security.

[You may also like: Don’t Be A “Dumb” Carrier]

As I recently wrote, IoT devices are especially vulnerable because of manufacturers’ priority to maintain low costs, rather than spending more on additional security features. If mobile service providers create a secure environment, they can establish a competitive advantage and reap financial rewards.

Indeed, best-of-breed security opens the possibility for capturing new revenue streams; mobile IoT businesses will pay an additional service premium for the peace of mind that their devices will be secure and can maintain 100% availability. And if a competing carrier suffers a data breach, for example, you can expect their customer attrition to become your win.

My words of advice: Collaborate. But do so while holding an ace—security—in your back pocket.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now