Modern commercial and social life is highly dependent on interlinked communications networks, services, and providers, and this dependence is only going to increase with the proliferation of connected devices associated with the Internet of Things (IoT). However, as our dependence increases, these communications networks are experiencing a growing number, diversity, and sophistication of security attacks and frauds.
The huge variety of devices, databases, services, and applications connected to communications networks are simply too tempting for individuals and groups with nefarious intentions to ignore. Financially motivated criminals and politically motivated rogue states are constantly seeking to identify and exploit new vulnerabilities in the communications ecosystem.
While some of these cybercriminals and fraudsters are attempting to disrupt services for commercial, political, or ideological reasons, others are motivated by the desire for revenge, recognition, or simply by the challenge.
No business is immune to the threats posed by cybercriminals and fraudsters, whether through virus or denial-of-service attack, data interception or hijack, ransomware or insider trading, key logging or SIM box fraud, or Wangiri or revenue-share frauds. The costs of security breaches and frauds can be considerable, including direct financial costs, reputational costs, legal costs, and opportunity costs.
The impact of service outages and interruptions, data leaks and interceptions, and fraudulent and illegitimate transactions is only going to escalate as more devices become connected and more personal, corporate, and national data are migrated to the cloud.
Furthermore, a service doesn’t need to have completely failed to cause a significant impact – degradation can be as much of a problem for some end-user services (e.g., access to emergency services, monitoring, and control of remote systems).
However, too often cybersecurity and fraud prevention are considered “someone else’s problem”. Many companies don’t make hardening a service against cyberattacks a priority in the design process. They assume either that attacks are unlikely to occur or that some other part of the systems will provide sufficient defense. This attitude must change, and Omdia believes that wholesale telecoms providers need to lead the change to ensure that all databases, interfaces, services, and networks are secure by design.
Wholesale telecoms providers have visibility of their customers’ and customers’ customers’ traffic as it traverses their network, which makes them ideally positioned to identify and mitigate many types of threat. This is particularly true for tier-1 carriers, which transport vast volumes of traffic for their customers and partners, and for those wholesalers that offer managed network service solutions (or network outsourcing) to their customers.
Companies operating in the wholesale telecoms market have many reasons to implement measures to defend against security attacks and fraud. They need to protect their own systems, data, and services from hackers, interception, and other forms of malicious disruption.
By using powerful analytics tools, carriers can monitor traffic patterns, identify rogue traffic, and swiftly take action to terminate or otherwise mitigate the threat. In addition to benefitting the customer being targeted by a particular attack, wholesalers can use the experience gained to protect all of their customers and their customers’ customers.
DDoS attacks are becoming more complex, and their impact is increasing as attackers use them to extort ransoms or as a distraction from a more pernicious attack. The development of software-defined networks, Artificial Intelligence (AI), and the Internet of Things (IoT) is presenting new security challenges.
Poorly protected connected IoT and other network devices have been used to launch distributed denial-of-service (DDoS) attacks on multiple targets. Many industry efforts are underway to establish security guidelines for the deployment of IoT in mission-critical and industrial applications. IoT security is an important issue because devices often have little processor power or memory, cannot run traditional endpoint security software, and are not easily patched.
Instead, many CSPs and wholesalers offer DDoS mitigation services to protect their customers’ assets from distributed attack by deploying regional scrubbing centers that use a combination of real-time monitoring, data analytics, and machine learning to prevent abnormal behavior from spreading.
Others will have to develop partnerships with vendors, systems integrators, and other service providers that can supply the security services demanded by their customers. But all CSPs should collaborate with their customers, suppliers, and partners to share intelligence on threats, attacks, and vulnerabilities as soon as they are identified.
There are already several important collaborative endeavors under the aegis of the ITW Global Leaders Forum (GLF), the Global Settlement Carrier (GSC) Forum, the i3forum, the Communications Fraud Control Association (CFCA), Europol’s CyTel working group, and others. Although most of the leading wholesale carriers now have wide-ranging security portfolios, there are still too many CSPs that continue to believe they can delegate cybersecurity and fraud prevention to their larger cousins, or to their customers.
While a variety of companies and groups are already sharing knowledge and experience, Omdia believes that the wholesale industry needs to be more collaborative and cooperative in its approach to security and fraud prevention. Equipment vendors, software vendors and integrators, and telecoms service providers of all kinds must work together to defend against the variety of threats to their legitimate business. 2020 needs to be the year when all ecosystem players act together and take responsibility for proactively preventing, detecting, and mitigating cybersecurity attacks and telecoms fraud.
Not every player has the specialist resources required to perform these critical checks, but external specialist companies are available, including Managed Security Services Providers (MSSPs). Players that already have these capabilities in-house can secure additional revenue and boost the confidence and loyalty of their customers and partners by offering to conduct these audits for them.
Omdia believes the rapidly rising volume and sophistication of threats means that some forms of security capability are fast becoming a necessity in CSPs’ portfolios.
Fundamental security services, such as DDoS detection and mitigation, the identification and filtering of spam and spoofing attempts, and SIM box detection, will soon need to be provided with any international traffic service. Furthermore, some of those services will become standard features of leading wholesalers’ offers. Wholesalers offering managed network services and network outsourcing solutions should include a comprehensive suite of security and anti-fraud services to protect their customers and their customers’ customers.
Wholesalers and other CSPs should work with their partners and vendors to embed security capabilities into new network structures and services from their inception. It is critical to eliminate the back doors and default passwords that attackers are so good at identifying and exploiting. Carriers should evaluate the need for encryption of key communications and data stores. They should also decide how best to ensure the resilience and recovery of critical systems and links, at the time they are proposed rather than as an afterthought. Furthermore, any security or fraud-prevention service must be adaptable and upgradeable to cope with new threats as they emerge. This is a never-ending battle to protect businesses, customers, and partners.