Cybersecurity Series: What are Communications Companies Facing? (Part 3/5)
Communications companies possess extensive consumer data, including financial and behavioral information. Customers subscribe to services that range from home and mobile phone service, cable, Internet, and more.
As cybercrime becomes more common, communications companies are a prime target. Research shows:
- In the last decade, cyberattacks have led to attacks on over 50 million customer records
- 71 percent of large telecoms (10,000+ employees) have seen an increase in attempted breaches over the past year
- 81 percent expect attacks to increase in the coming year
Historically, the industry has been successful at managing risks and protecting our networks, but new cyber threats are creating uncertainty. Are communications companies prepared to prevent future attacks?
Current Challenges with Cybersecurity
- Distributed Denial of Service (DDoS) attacks - DDoS attacks continue to increase in power and scale and the telecommunications sector is hit harder than any other. Direct DDoS attacks can reduce network capacity, degrade performance, increase traffic exchange costs, disrupt service availability, and bring down Internet access.
- Exploitation of vulnerabilities in network and consumer devices - Vulnerabilities in network devices, USBs, routers, and some mobile phones all provide opportunities for attacks.
- Social engineering, phishing or malware - These common techniques can easily be mastered by inexperienced cybercriminals.
- Insider threat - Insiders are recruited to help perpetrate cybercrime, either voluntarily or through blackmail.
The potential repercussions of a successful attack can be widespread and damaging, ranging from phone or internet service interruption, credit card and identity theft, website disruption, and damage to brand identity. For a major provider, the consequences could span nationwide or internationally, causing problems for millions of businesses, consumers, and government agencies.
Where Do Cyber Threats Originate?
The source of threats to communications providers is a complex landscape. Nation States and foreign intelligence agencies are highly capable and motivated threats, with a long history of targeting providers for eavesdropping and information gathering. Terrorists, activists, and other political groups also target communications infrastructure to advance their agendas. In addition, communications companies that have diversified into financial products are a prime target for organized criminals.
Hackers and cyber criminals are also a great concern. They form structured organizations that work together to launch attacks.
Current State of Cybersecurity for Communications
Threats in the Cloud
A demand for cloud-based solutions are leading providers to transform from networks to cloud-service. These new applications and services store and distribute content that represents enormous risks to cybersecurity. According to a PWC survey, only 50% of telecom companies have a security strategy for cloud computing.
Risks from the Internet of Things (IoT)
IoT devices are being deployed across networks, bringing huge benefits to businesses and consumers. Attackers can imperil these devices using botnets, causing DDoS attacks to grow larger, more frequent, and more complex. In the past five years alone, DDoS attack size has grown 1,233 percent, and the attack size increased 60 percent from 2015 to 2016. The chances that a provider will be hit by a DDoS attack have never been higher.
DDoS attacks have successfully made many leading web properties unreachable – costing thousands, sometimes millions, of dollars in revenue.
Regulations and Guidelines on Cybersecurity
In May 2017, an executive order on cybersecurity was signed, which requires all federal agencies adopt the Framework for Improving Critical Infrastructure Cybersecurity, developed by the National Institute of Standards and Technology (NIST). The framework was established by experts with input from the private sector, as well as the public, and is described as “a common language for understanding, managing, and expressing cybersecurity risk both internally and externally
The trade associations, USTelecom and the Information Technology Industry Council (ITI), have joined together to create the Council to Secure the Digital Economy. The group works to combat cyber threats (such as hacking) to address technological vulnerabilities that could lead to data breaches and other compromises.
Additional resources to support cybersecurity in the telecom industry include:
- Department of Homeland Security’s Office of Cybersecurity and Communications and the Office of Infrastructure Protection
- National Telecommunications and Information Administration
- Federal Communications Commission’s Communications Security, Reliability, and Interoperability Council
- General Data Protection Regulation – European legislation that places severe repercussions on a data breech
How Can Communications Companies Become More Secure?
Providers should start regarding security as a comprehensive program that (at a minimum) includes the following:
- Highly-trained personnel (make sure all employees can recognize a phishing link)
- Up-to-date security technology (antivirus software, firewall patches, etc.)
- Tools to detect, analyze, and respond to threats
- An internal or trusted external audit system that reviews firewalls and internal security
- Access control on the perimeter
- Deep packet inspection
However, a standalone cybersecurity program is not enough. It needs to be complemented by collaboration and shared intelligence. Many companies have agreements in place to share network capability and capacity in the case of disruption; now is the time to start reaping the benefits of shared intelligence.
As an example, four telecommunications companies have formed a cybersecurity group with the aim to exchange data on threats and tap each other's resources to support customers across the globe. Singtel, SoftBank, Etisalat, and Telefónica established the Global Telco Security Alliance to better respond to potential threats. Other companies are also considering cyber insurance to protect their business, or investing in external cybersecurity experts to help improve cybersecurity measures.
As cyber threats continue to evolve and advance, the industry must react and adjust. Cybersecurity measures should consider all possible risks and construct a plan to mitigate those risks. Threats will continue to change, and providers will need to adopt a mentality of assessment and improvement to keep infrastructure protected.
Stay tuned for future posts that examine how changing security needs are impacting CATV and broadband companies. To read a general overview of cybersecurity for infrastructure, click here. To read about electric power companies' current challenges with cybersecurity, click here.
Ask us questions about cybersecurity, or share your thoughts, in the comment section below.
To learn more about the interconnected web of joint use infrastructure and about managing infrastructure assets, download this free e-book.