Security is a growing challenge for the telecommunications space, made even more so by the lack of attention paid by operators.
The last decade has seen a boom in the telecommunications space like no other industry in the world. In 2006, there were hundreds of operators, whereas today there are thousands.
The world runs on digital, and IP-enabled devices are the agents of this truly digital, connected age. While the new digital environment has provided industries (such as telecommunications) and consumers with numerous operational efficiencies and practical benefits, it is (by its very IP-enabled nature) under constant threat of attack.
Given the difficulties of monitoring and filtering increasingly complex networks, attacks can quickly spread. If one operator has an open point for attackers, an attack can easily spread to multiple partner networks before even being detected. The “internet of things” phenomenon that has swept the globe over the last 24 months (with no foreseeable end in sight) has added an extra dimension of difficulty to the already complicated scenarios operators face.
For an operator in the digital age, networks are under constant threat from attackers (both internal and external). The threat ecosystem has evolved at such a rate that while some operators are very aware of the new landscape they inhabit, many are simply striving to keep up instead of making headway fighting security vulnerabilities.
Mobile and fixed-line carriers lose huge amounts of revenue through security vulnerabilities and fraud every year, according to the 2015 Global Fraud Loss Survey published by the Communications Fraud Control Association. Criminals are increasingly adopting hyperscale techniques to perpetrate fraud and security breaches more quickly and efficiently than ever before, exacting damage in 24 hours or less and going undetected for days or months, well before anyone knows an attack is happening.
One of the most common vulnerabilities involves location tracking, where an attacker carries out unauthorized tracking of a subscriber. Another popular racket with a large-scale revenue impact is application-to-person (A2P) fraud – some estimates put revenue leakage due to grey A2P routes at nearly $1 billion each year.
For signaling-based vulnerabilities, there were no firewalls until recently, with mobile networks typically trusting their roaming partners’ capabilities. However, building sturdy digital fortresses, secured by ever higher firewalls, is simply not enough due to the complexity and speed with which today’s threat landscape scales and morphs.
Today, a threat can come from any direction, such as an insider threat with access to network nodes; a platform issue, which can be used to attack the subscribers of a partner network; or even simply an out-of-date software license. The fact of the matter is that a new approach and mindset to the traditional question of “security protocols” is required – and fast.
Best case scenario: you haven’t experienced a security breach yet, in which case you certainly will in the future. Worst case scenario: you have experienced a breach, but aren’t aware of it. Some experts amongst the cybersecurity fraternity have even gone so far as to say that it is better to assume you have been breached and work the necessary “triage” in a proactive manner, rather than wait until the inevitable happens and have to be wholly reactive – by then the chances are the damage will have already been done anyway.
While it may come as an uncomfortable truth to heads of marketing and chief information security officers across the world, especially in the operator space, acknowledging that security vulnerabilities will occur does not have to mean being indifferent to or unprepared for them.
Some smart companies will even realize the brand benefits of aligning some degree of marketing and product development spend to dealing with the elephant in the room when it comes to consumers and the security question.
While the pace and rules of the “security” game have changed significantly, so too has the equipment now available to the “white hat” community.
To detect and out-innovate advanced cyberfraud attackers, CSPs must turn to machine-learning-based analytics platforms that provide real-time analysis and identify new parameters within the massive amounts of data traveling across 21st century networks. Big data and real-time analytics are crucial weapons in the arsenal of operators looking to clamp down on all security vulnerabilities.
Effectively discovering contemporary telco fraud, bolstering operator network security and guarding against revenue threat attacks requires a massive amount of insight across network, customer relationship management, billing and profile data. Throw into the mix the requirement to analyze all these streams in real time and the challenge is clear.
While swimming against the tide might seem like a pointless task, it is in this case a necessary one. Awareness of the shifting sands that represent today’s threat landscape is key to today’s operators, as is a change to the philosophical mindset needed to battle it.
Over the last few years, attacks on the networks of mobile network operators have become increasingly sophisticated, from subscriber tracking to denial of service to subscribers. This poses the serious question of whether operators are even aware of some of the issues they are facing, let alone how they go about detecting and counteracting them.
Thanks to the big data and analytics capabilities of architecture like Hadoop and significant advances in machine learning capabilities, operators are better equipped to fight security vulnerabilities than ever before. While preventing “black hats” from hiding in the gaps between systems, flying under the radar and going undetected will remain a constant battle for operators, it is now (at least) a battle they can fight on more equal terms.
Editor’s Note: In an attempt to broaden our interaction with our readers we have created this Reader Forum for those with something meaningful to say to the wireless industry. We want to keep this as open as possible, but we maintain some editorial control to keep it free of commercials or attacks. Please send along submissions for this section to our editors at: dmeyer@rcrwireless.com.