Telecoms companies, their core infrastructure and the large volumes of personal data they hold on subscribers, all represent an attractive target for malicious actors. Telecoms have suffered more attacks than any other surveyed. Telecoms organisations admitted to having faced four attacks on average over the last twelve months, according latest report on cyber security in the global telecoms Industry of EfficientIP.
Top five security threats for Telecoms organisations are: DDoS (42%), Malware (36%), DNS Tunnelling (31%), Cache Poisoning (28%) and Zero-Day Exploits (20%). Telecoms organisations face the most DNS-based attacks, and each attack costs companies an average of £460,000 to remediate. DNS-based attacks cost organisations globally £1.7 million on average every year across several industries.
India is also seeing increasing number of attacks in the telecom sector: The country’s largest telecom network – BSNL – faced a botnet attack which affected the information built into modems used for BSNL’s broadband services across the country. Over 2,000 customers were affected, with many facing issues with their broadband connectivity for over three days. The malware attacked internal modems in the National Internet Backbone of the BSNL.
Similarly, MTNL connectivity issues arose due to malware attack. For over three days, both BSNL and MTNL networks were down across states in India. The offices of BSNL and MTNL were flooded with complaints.
The personal data of over 100 million customers was compromised when Reliance Jio suffered a major data breach. The data had leaked onto a website in what analysts said could be the first ever large-scale breach at an Indian telecom operator. This sensitive data is a compelling target for cyber-criminals or insiders looking to blackmail customers, conduct identity theft, steal money or launch further attacks
Government agencies are increasingly attacking telecom operators’ infrastructure and applications to establish covert surveillance under the umbrella of security requirements. These sophisticated actors typically use very advanced persistent threats (APT) that can operate undetected for long periods of time. Communication channels targeted for covert surveillance include everything from phone lines and online chat to mobile phone data. Such attacks are also used by adversary nation-states. There have even been cases where one nation’s cyber-attack prevented another nation’s leaders from communicating on their mobile devices.
IDST Monthly Access Membership Required
You must be a IDST Monthly Access member to access this content.