Cybersecurity Series: What are Communications Companies Facing?

Posted by Mary Ashley Canevaro on May 15, 2018

cybersecurity-1Communications companies possess extensive consumer data, including financial and behavioral information. Customers subscribe to services that range from home and mobile phone service, cable, Internet, and more.

As cybercrime becomes more common, communications companies are a prime target. Research shows:

Historically, the industry has been successful at managing risks and protecting our networks, but new cyber threats are creating uncertainty. Are communications companies prepared to prevent future attacks? 


Current Challenges with Cybersecurity
According to Kaspersky’s Threat Intelligence Report for the Telecommunications Industry, cybercrime presents threats in two key ways: the first is attacks aimed directly at business and operations, and the second is attacks targeting subscribers. These attacks can exist in many different forms, such as:
  • Distributed Denial of Service (DDoS) attacks - DDoS attacks continue to increase in power and scale and the telecommunications sector is hit harder than any other. Direct DDoS attacks can reduce network capacity, degrade performance, increase traffic exchange costs, disrupt service availability, and bring down Internet access.
  • Exploitation of vulnerabilities in network and consumer devices - Vulnerabilities in network devices, USBs, routers, and some mobile phones all provide opportunities for attacks.
  • Social engineering, phishing or malware - These common techniques can easily be mastered by inexperienced cybercriminals.
  • Insider threat - Insiders are recruited to help perpetrate cybercrime, either voluntarily or through blackmail.

The potential repercussions of a successful attack can be widespread and damaging, ranging from phone or internet service interruption, credit card and identity theft, website disruption, and damage to brand identity. For a major provider, the consequences could span nationwide or internationally, causing problems for millions of businesses, consumers, and government agencies.

Where Do Cyber Threats Originate?

The source of threats to communications providers is a complex landscape. Nation States and foreign intelligence agencies are highly capable and motivated threats, with a long history of targeting providers for eavesdropping and information gathering. Terrorists, activists, and other political groups also target communications infrastructure to advance their agendas. In addition, communications companies that have diversified into financial products are a prime target for organized criminals.

Hackers and cyber criminals are also a great concern. They form structured organizations that work together to launch attacks.


Current State of Cybersecurity for Communications

Threats in the Cloud

A demand for cloud-based solutions are leading providers to transform from networks to cloud-service. These new applications and services store and distribute content that represents enormous risks to cybersecurity. According to a PWC survey, only 50% of telecom companies have a security strategy for cloud computing.

Risks from the Internet of Things (IoT)

IoT devices are being deployed across networks, bringing huge benefits to businesses and consumers. Attackers can imperil these devices using botnets, causing DDoS attacks to grow larger, more frequent, and more complex. In the past five years alone, DDoS attack size has grown 1,233 percent, and the attack size increased 60 percent from 2015 to 2016. The chances that a provider will be hit by a DDoS attack have never been higher.

DDoS attacks have successfully made many leading web properties unreachable – costing thousands, sometimes millions, of dollars in revenue.


Regulations and Guidelines on Cybersecurity
A combination of regulations and published best practices (from government agencies and industry organizations) promote collaboration; they increase education and awareness efforts related to cybersecurity threats, information sharing, and incident response. 

In May 2017, an executive order on cybersecurity was signed, which requires all federal agencies adopt the Framework for Improving Critical Infrastructure Cybersecurity, developed by the National Institute of Standards and Technology (NIST). The framework was established by experts with input from the private sector, as well as the public, and is described as “a common language for understanding, managing, and expressing cybersecurity risk both internally and externally

The trade associations, USTelecom and the Information Technology Industry Council (ITI), have joined together to create the Council to Secure the Digital Economy. The group works to combat cyber threats (such as hacking) to address technological vulnerabilities that could lead to data breaches and other compromises.

Additional resources to support cybersecurity in the telecom industry include:

How Can Communications Companies Become More Secure?
The threat landscape shows that vulnerabilities exist on many levels: hardware, software, and human, and that attacks can come from many directions. A multi-layered security solution should cover threat prediction, attack prevention, detection methods, incident response strategies, and investigation resources.

Providers should start regarding security as a comprehensive program that (at a minimum) includes the following:

  • Highly-trained personnel (make sure all employees can recognize a phishing link)
  • Up-to-date security technology (antivirus software, firewall patches, etc.)
  • Tools to detect, analyze, and respond to threats
  • An internal or trusted external audit system that reviews firewalls and internal security
  • Access control on the perimeter
  • Deep packet inspection

However, a standalone cybersecurity program is not enough. It needs to be complemented by collaboration and shared intelligence. Many companies have agreements in place to share network capability and capacity in the case of disruption; now is the time to start reaping the benefits of shared intelligence.

As an example, four telecommunications companies have formed a cybersecurity group with the aim to exchange data on threats and tap each other's resources to support customers across the globe. Singtel, SoftBank, Etisalat, and Telefónica established the Global Telco Security Alliance to better respond to potential threats. Other companies are also considering cyber insurance to protect their business, or investing in external cybersecurity experts to help improve cybersecurity measures.

As cyber threats continue to evolve and advance, the industry must react and adjust. Cybersecurity measures should consider all possible risks and construct a plan to mitigate those risks. Threats will continue to change, and providers will need to adopt a mentality of assessment and improvement to keep infrastructure protected.

Stay tuned for future posts that examine how changing security needs are impacting CATV and broadband companies. Click here to read a general overview of cybersecurity for infrastructure. Click here to read about electric power companies' current challenges with cybersecurity.

Ask us questions about cybersecurity, or share your thoughts, in the comment section below.

To learn more about the interconnected web of joint use infrastructure and about managing infrastructure assets, download this free e-book.

Joint Use Asset Management Basics