Must use intelligence for breach and attack simulation
Europe’s mobile network operators (MNOs) must raise their game as the incidence of criminality escalates and their adoption of digital technology puts them at risk, according to telco protection specialist SecurityGen. They are also particularly vulnerable as they are in the midst of a transition and the agility of 5G, the cloud and Open RAN has also brought fragility. These threats must be addressed pre-emptively, it said. “MNOs must shift to be more proactive,” said SecurityGen CTO Dmitry Kurbatov.
Instead of reacting to downtime operators can be proactive, stay ahead of attackers, defend their networks and protect their subscribers continually. “They must use the latest insights drawn from threat intelligence along with an automated assessment of the strength of their network defences by continually verifying threats and testing for vulnerabilities,” said CTO Kurbatov, co-founder of a specialist in automated threat intelligence enforcement.
Rome-based start-up SecurityGen offers telcos an artificial cybersecurity expert (ACE) that is effectively a ‘breach and attack’ simulation system. The founders claim ACE is the first system purpose-built for securing mobile networks, by continuously testing the strength of their network defences against simulated attacks and techniques. ACE identifies and reports potential gaps and vulnerabilities within the operator’s network. It then carries out simulations of real-world attacks on these vulnerabilities to assess their seriousness and the potential damage that an actual attack could cause.
In May the US Federal Bureau of Investigation (FBI) warned in a briefing paper that MNOs struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices. The three major US Govt security agencies, FBI, the National Security Agency (NSA) and the US Cybersecurity and Infrastructure Agency, have warned that hackers breached major mobile network operators (MNOs) by exploiting software flaws in their network equipment, particularly the routers.The FBI had earlier issued a paper warning of a variety of devious hacking variants being primed for Ransomware attacks. Telco security should look out for names like Conti, BlackMatter, Suncrypt, Sodinokibi and BlackByte, it warned.
Telecom security specialist SecurityGen said attacks on telcos can include everything from targeted denial of service, data theft and full network outages. The new technologies used by MNOs, like 5G, cloud, virtualisation and open RAN have created both agility and fragility. The convergence of IT and telecoms also brings significant new security problems and current security measures aren’t enough to identify vulnerabilities in networks, according to Kurbatov. The MNOs might not even notice these weak spots but malicious attackers will and they’ll exploit them.
“5G may have better security protocols than previous generations but the complex 5G ecosystem presents several pathways for hackers to seek access,” said Kurbatov, “as 5G relies on popular protocols like HTTP/2 and IP, hackers need no specialist telecom knowledge and skills to attack.”