Cybersecurity and fraud prevention in telecommunications: a collective responsibility?

3 April 2020 |  David James, Practice Leader, Wholesale Telecoms, Omdia

Growing number and sophistication of security breaches and frauds

Modern commercial and social life is highly dependent on interlinked communications networks, services, and providers, and this dependence is only going to increase with the proliferation of connected devices associated with the Internet of Things (IoT). However, as our dependence increases, these communications networks are experiencing a growing number, diversity, and sophistication of security attacks and frauds.

The huge variety of devices, databases, services, and applications connected to communications networks are simply too tempting for individuals and groups with nefarious intentions to ignore. Financially motivated criminals and politically motivated rogue states are constantly seeking to identify and exploit new vulnerabilities in the communications ecosystem.

While some of these cybercriminals and fraudsters are attempting to disrupt services for commercial, political, or ideological reasons, others are motivated by the desire for revenge, recognition, or simply by the challenge.

Cybersecurity and fraud prevention are everyone’s responsibility

No business is immune to the threats posed by cybercriminals and fraudsters, whether through virus or denial-of-service attack, data interception or hijack, ransomware or insider trading, key logging or SIM box fraud, or Wangiri or revenue-share fraud. The costs of security breaches and frauds can be considerable, including direct financial costs, reputational costs, legal costs, and opportunity costs.

The impact of service outages and interruptions, data leaks and interceptions, and fraudulent and illegitimate transactions is only going to escalate as more devices become connected and more personal, corporate, and national data are migrated to the cloud.

Furthermore, a service doesn’t need to have completely failed to cause a significant impact – degradation can be as much of a problem for some end-user services (e.g., access to emergency services, monitoring, and control of remote systems).

However, too often cybersecurity and fraud prevention are considered “someone else’s problem”. Many companies don’t make hardening a service against cyberattacks a priority in the design process. They assume either that attacks are unlikely to occur or that some other part of the systems will provide sufficient defense. This attitude must change, and Omdia believes that wholesale telecoms providers need to lead the change to ensure that all databases, interfaces, services, and networks are secure by design.

Wholesale telecoms providers have visibility of their customers’ and customers’ customers’ traffic as it traverses their network, which makes them ideally positioned to identify and mitigate many types of threat. This is particularly true for tier-1 carriers, which transport vast volumes of traffic for their customers and partners, and for those wholesalers that offer managed network service solutions (or network outsourcing) to their customers. 

The unique position of wholesalers

Companies operating in the wholesale telecoms market have many reasons to implement measures to defend against security attacks and fraud. They need to protect their own systems, data, and services from hackers, interception, and other forms of malicious disruption.

By using powerful analytics tools, carriers can monitor traffic patterns, identify rogue traffic, and swiftly take action to terminate or otherwise mitigate the threat. In addition to benefitting the customer being targeted by a particular attack, wholesalers can use the experience gained to protect all of their customers and their customers’ customers.

Wholesale service providers are also more interdependent, cooperative, and collaborative than retail service providers.
The relationships between players in the wholesale market are complex and multidimensional. This combination of competitive, cooperative, and collaborative working is exactly what is required when seeking to stymie the efforts of cybercriminals and fraudsters. The bad guys are already sharing tips and tricks on vulnerabilities and means of attack. Communications service providers (CSPs) need to cooperate more effectively if they are to minimize the impact of cybersecurity attacks and online fraud. CSPs must share their experiences of which measures work and which do not. Wholesalers are already part way to establishing that cooperative defensive partnership.

DDoS protection is the fastest growing security market 

The ability to shield companies from distributed denial-of-service (DDoS) attacks is the most sought-after cybersecurity capability.
— Omdia’s enterprise security market forecast

DDoS attacks are becoming more complex, and their impact is increasing as attackers use them to extort ransoms or as a distraction from a more pernicious attack. The development of software-defined networks, Artificial Intelligence (AI), and the Internet of Things (IoT) is presenting new security challenges.

Poorly protected connected IoT and other network devices have been used to launch distributed denial-of-service (DDoS) attacks on multiple targets. Many industry efforts are underway to establish security guidelines for the deployment of IoT in mission-critical and industrial applications. IoT security is an important issue because devices often have little processor power or memory, cannot run traditional endpoint security software, and are not easily patched.

Instead, many CSPs and wholesalers offer DDoS mitigation services to protect their customers’ assets from distributed attack by deploying regional scrubbing centers that use a combination of real-time monitoring, data analytics, and machine learning to prevent abnormal behavior from spreading.

Collaborate and partner to share intelligence and beat the threats

No carrier is an island – all players in the communications market depend on each other. Attacks on one company can swiftly have an adverse impact on others. Carriers must work together if they are to combat the many networks of cybercriminals. They must put in place processes and systems to facilitate the investigation of suspicious cross-network traffic and behavior. Many future attacks will require a distributed and coordinated response – possibly even involving parties not directly affected by a particular attack. Wholesalers and their partners need to work together for their collective benefit.
Only the largest telecoms groups will be able to afford the continual investment necessary to keep up with new threats and frauds.

Others will have to develop partnerships with vendors, systems integrators, and other service providers that can supply the security services demanded by their customers. But all CSPs should collaborate with their customers, suppliers, and partners to share intelligence on threats, attacks, and vulnerabilities as soon as they are identified.

There are already several important collaborative endeavors under the aegis of the ITW Global Leaders Forum (GLF), the Global Settlement Carrier (GSC) Forum, the i3forum, the Communications Fraud Control Association (CFCA), Europol’s CyTel working group, and others. Although most of the leading wholesale carriers now have wide-ranging security portfolios, there are still too many CSPs that continue to believe they can delegate cybersecurity and fraud prevention to their larger cousins, or to their customers.

While a variety of companies and groups are already sharing knowledge and experience, Omdia believes that the wholesale industry needs to be more collaborative and cooperative in its approach to security and fraud prevention. Equipment vendors, software vendors and integrators, and telecoms service providers of all kinds must work together to defend against the variety of threats to their legitimate business. 2020 needs to be the year when all ecosystem players act together and take responsibility for proactively preventing, detecting, and mitigating cybersecurity attacks and telecoms fraud.

Act now to identify and resolve security needs

The first task for CSPs is to determine their security needs – both internal and external. To do that, carriers should conduct thorough security audits of their systems, processes, and practices to uncover any vulnerabilities, configuration issues, or omissions. They should proactively prioritize the threats they are likely to be subjected to by evaluating the combination of the likelihood and potential impact. 

Not every player has the specialist resources required to perform these critical checks, but external specialist companies are available, including Managed Security Services Providers (MSSPs). Those that already have these capabilities in-house can secure additional revenue and boost the confidence and loyalty of their customers and partners by offering to conduct these audits for them.

Omdia believes the rapidly rising volume and sophistication of threats means that some forms of security capability are fast becoming a necessity in CSPs’ portfolios.

Fundamental security services, such as DDoS detection and mitigation, the identification and filtering of spam and spoofing attempts, and SIM box detection, will soon need to be provided with any international traffic service. Furthermore, some of those services will become standard features of leading wholesalers’ offers. Wholesalers offering managed network services and network outsourcing solutions should include a comprehensive suite of security and anti-fraud services to protect their customers and their customers’ customers.

Wholesalers and other CSPs should work with their partners and vendors to embed security capabilities into new network structures and services from their inception. It is critical to eliminate the back doors and default passwords that attackers are so good at identifying and exploiting. Carriers should evaluate the need for encryption of key communications and data stores. They should also decide how best to ensure the resilience and recovery of critical systems and links, at the time they are proposed rather than as an afterthought. Furthermore, any security or fraud-prevention service must be adaptable and upgradeable to cope with new threats as they emerge. This is a never-ending battle to protect businesses, customers, and partners.

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. CenturyLink does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. This document represents CenturyLink’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. CenturyLink may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2020 CenturyLink. All Rights Reserved.
