2020 has demonstrated how crises can force people to rely more and more on mobile and remote connectivity solutions. This may sound like a driver for more business for Mobile Network Operators. However, surging reliance on mobile connectivity can prove to be a double-edged sword for MNOs and their enterprise clients. An increase in cellular endpoints (including IoT devices) and their usage has been accompanied by an explosion in cyber attacks, including attacks on private and public cellular networks.
In early 2020, the GSMA released a summary of some of the most pressing threats to network operators. A lot has happened since but in a way little has changed. It is evident today that the threats detailed in the report are just as relevant in 2021 as they were in 2020, if not more so.
Why MNOs should pay attention to risks and threats
In an arena as competitive as mobile connectivity, it’s no longer just about providing a cellular connection to subscribers. To maintain a competitive advantage and to protect their business from the costly repercussions of ignoring mobile threats? MNOs today have no choice but to erect defenses against both old and new threats to their organization and brand.
It’s hard to fully quantify the potential costs of ignoring mobile threats, but the tip of the iceberg is quite prominent. Mobile fraud alone is costing MNOs a princely sum. In 2019, the total cost of fraud to the telco industry was estimated to be $28.3 billion. Fraud also hurt overall revenue for network operators by an average of 10% annually.
As MNOs and telcos armed themselves to battle fraud, along came the COVID-19 crisis and reshuffled the cards. As COVID-19 has run rampant globally, remote functionality has become critical. This has caused a sudden and sharp climb in the load on and reliance on network operators. By March 2020, Statista reported a 70% increase in mobile device usage worldwide.
MNOs have begun learning from these shifts and started diversifying their offerings, including among other things, managed security services targeting enterprise organizations.
In order to better prepare for these global shifts in the mobile industry, the first step in the process is understanding the most prevalent threats you and your business face.
Top 8 mobile threats for 2021
1. Mobile device threats
Mobile device exploits are on the rise. In the past year, 40% of organizations reported a mobile device-related incident, and 66% of those said the damage was significant. A lack of consistency with updating mobile apps is a direct cause of out of date privacy settings remaining in the mobile ecosystem. These potentially harmful apps (PHAs) leaking data or without current controls can lead to unauthorized access and use of user data.
With 5 billion global mobile subscribers accounting for half of all internet traffic, users are increasingly relying on mobile devices to run their lives and do their jobs. However, user data access issues have caused a deepening lack of consumer trust throughout the MNO ecosystem.
What can MNOs do to mitigate mobile device threats?
Without physically pushing the update button for customers, MNOs are a bit hamstrung when it comes to preventing mobile device exploitation. It comes down to user vigilance and app makers remaining accountable for keeping their software, services, and dependencies up to date.
This can be helped along if MNOs start to encourage app developer partners to work within the GSMA Privacy Design Guidelines. MNOs and telcos can also actively contribute to industry initiatives like the GSMA’s Device Security Group to help develop industry-wide adoption best-practices.
2. IoT threats
By 2027, over 40 billion IoT-connected devices will be in use, and the market will reach $2.4 trillion annually. The parallel rise in low-cost IoT offerings has led to a spike in vulnerabilities and devices being unwittingly used in botnet attacks. IoT traffic attacks rose by 300% last year, along with a 900% overall rise in IoT exploits.
Even worse, a steady rise in commercial and corporate IoT use has led to a growing number of poorly controlled IoT devices on business networks just waiting to be exploited. These are then manipulated by botmasters, who then use these compromised devices to launch attacks and compromise even more devices. For a quarter of companies surveyed, this averaged $34 million in biannual losses.
What can MNOs do about IoT threats?
There is little MNOs can do directly to prevent the use of insecure IoT devices. However, securing and tracking all IoT devices on your own network and monitoring for activity anomalies is a start. You can also reduce the workload if you ensure those devices are in compliance with network security policies regarding encryption and passwords.
The importance of performing regular audits and creating incident response plans for the event of a botnet attack cannot be understated. Adopting an IoT security solution to monitor and protect your IoT devices proactively is one efficient way to ensure your IoT-connected devices and your network remain secure.
3. 5G threats
A year ago, 5G was a future opportunity and oft-panned conspiracy theory. Fast forward to this year, and 5G has begun rolling out globally. By 2024, 34% of the world’s mobile data use will rely on these 5G networks. This comes with a caveat – people don’t trust it. Larger attack surface, explosive growth in devices connected, and IoT security concerns are just some of the issues that top the list.
In that regard, nearly 3 in 4 of respondents had a high or medium-high level of concern regarding 5G’s impact on security. The current rollout methodology has created many missed opportunities to take advantage of the secure-by-design nature of 5G. 5G also provides an opportunity for hackers and other online deviants to use this faster network to break past security for older generation networks like 2/3/4G.
How can MNOs secure their 5G networks?
As 5G is deployed globally, the first thing for MNOs to double and triple-check is compliance with 5G security standards. This rollout can also be a great impetus to start shutting down older-generation 2G and 3G networks and reduce the number of legacy security issues.
It’s also worthwhile for MNOs to join industry initiatives like the Security Edge Protection Proxy (SEPP), Networks Group, and Coordinated Vulnerability Disclosure program. This goes hand in hand with collaboration with other network operators and telcos in an effort to promote and standardize industry security controls.
4. Signaling service threats
Even as the advent of 5G is upon us, older 2G, 3G, and 4G networks are still deployed and relied on globally. This trend is not one that is expected to change in years to come either. For consumers and MNOs alike, this means 5G data will still be transferred over these older networks. Which, in turn, means legacy threats and vulnerabilities will still require continued countermeasures and updated security controls to compensate for the older, outdated standards.
Security vulnerabilities within older signaling protocols like SS7, GTP, and Diameter are well-known, and the statistics don’t lie. More than half of all call-tapping attempts on 3G networks are successful, and 9 out of 10 SMS messages can be intercepted. What’s more, over two-thirds of MNOs fail to deploy proper protection against SS7 bypass exploits.
What can MNOs do about signaling service threats?
Firstly, to combat signaling threats, telcos and network operators can introduce the standard signaling controls from the GSMA Fraud and Security Group (FASG) guidelines. In addition, it’s critical to employ a set of tools, policies and advanced technological solutions aimed at signaling service threat mitigation. It is also in an operator’s best interests to implement a fraud management system (FMS), buoyed by AI machine learning algorithms to speed up detection.
Your organization also needs to run training situations and develop threat models to be prepared for when things go wrong and the network is actually compromised. These threat models and training can then be used as a base to establish more signaling and security protocols attuned to your organization’s needs.
5. Software threats
Open-source software (OSS) has continued to plague MNOs as a significant threat, and with the 5G rollout, proper utilization of software is front and center. Last year, 47% of released OSS components had a vulnerability discovered in one of their dependencies. On average, those open-source vulnerabilities required three weeks of work to patch. It’s important to remember open source isn’t the same as cost-free.
As each previous mobile generation frequently created proprietary software, they still relied on OSS or shared libraries to drive their business support infrastructure. Some operators simply just wrote their own code to support the specific services they required. This has all led to a great deal of instability within the core structure of MNO systems.
What can MNOs do about software threats?
Software security is another instance where there is only so much MNOs can do internally. One method is to verify your vendors and service implementers can offer a detailed list of OSS/shared libraries and the versions used to allow for patching.
Ensure that the operational OSS libraries in use are sourced from compatible projects and include a long-term management team. Lastly, employ runtime application security protection (RASP) to prevent the exploitation of vulnerabilities among your in-use libraries proactively.
6. Supply chain threats
Attackers will rarely directly go after network operators. Suppliers, on the other hand, can be the low-hanging fruit just waiting to be exploited.
Supply chain threats primarily focus on supply chain resilience and directly complicate operators’ capabilities when delivering products and services. This can range from the presence or lack of trusted suppliers and geopolitical ties to the ability to withstand natural disasters and geopolitical strife.
What can MNOs do to detect and contain supply chain threats?
More than anything in these uncertain times, MNOs really need to know who they are working with and relying on, down to the tiny details. This also means mapping out critical supply chain aspects or services, assessing the security posture of suppliers involved, and adjusting operational security accordingly.
Designing a number of Business Continuity Plans (BCPs) for the eventuality of losing a critical supplier or service is also strongly encouraged. Use those to then run in-depth risk assessments for each focusing on your flexibility, redundancy, and capability to swap that critical chain link.
7. Cloud threats
Cloud and virtualization services are being increasingly relied on during COVID-19 and in 2020 in general, especially in the fields of telecom and IT. This growing dependence has been coupled with an increasing frequency of attacks on insecure and misconfigured cloud services.
The use of public and third-party, cloud-based services has also been increasing among MNOs. One in three telecom employees reported their organizations only relied on security services offered by a public cloud provider during this transition.
This lack of local and overarching security controls for cloud and virtualization usage can be costly. In the last two years alone, cloud misconfigurations have cost enterprises nearly $5 trillion and the release of over 33 billion private user records.
Poor patching, lack of applicable skills on-site, limited network visibility, and misaligned access and isolation controls are just some of the frequently found weak points in virtualization. These can result in data protocol abuse, bypassing network virtualization, host abuse, and cloud computational resources misuse, among other network exploits.
What can MNOs do about cloud threats?
MNOs reliance on private cloud networks means that many threats that public networks suffer from are less prevalent. However, high-risk and legacy areas of data on the network still need to be insulated, and security tools in place need to be virtualization-aware. This also means only using modern hardware that maintains your required security standard as a network operator.
Employees need to be given periodical skill assessments to ensure they are aware and competent of any cloud security based protocols, to ensure they remain up to date on industry trends and adopt new relevant skills, especially when working remotely.
In that vein, MNOs should also streamline access controls to ensure any employees who don’t need access don’t have it, and those that do are limited to relevant areas only. This entails adopting a comprehensive cloud security policy that encompasses all of the cloud and virtualization use for employees in all divisions.
8. The human factor
It seems humans are getting clumsier because there has been a 50% growth in incidents reported relating to human error in the last year; nearly 1 billion lost user hours. 26% had human error as the root cause of those incidences, along with 22% of all data breaches. What’s scarier is, these rises also relate to an increase in reporting overall, so the numbers could actually be much higher.
What MNOs can do to prevent human error
One of the easiest ways to reduce your downtime from human error is to automate your processes wherever possible, particularly for legacy security controls. Where automation won’t suffice, diversify your employees’ skill sets with regular formal and informal training sessions.
For this, MNOs need to improve their skill management capabilities to discern where skill gaps exist. It’s then about deciding whether it’s more worthwhile to purchase the skills (short-term) or develop them internally (long-term). Lastly, make sure you perform annual reassessments for employees with cybersecurity roles to ensure you maintain the right level of competency and knowledge within your teams.
Conclusion
Threats to mobile security and mobile network operators are growing exponentially and costing these organizations a mint. As the world increasingly relies on mobile connectivity to stay in touch with the outside world, network security is more important than ever.
Recognizing and planning ahead for some of the most frequently encountered threats will keep your network one step and set it apart from others. Consumers will notice, and your network can be proactive with its security offerings as 5G rolls out and becomes the new network standard. Adopting a mobile network security solution can help ease the growing pains and keep your network secure at its roots.
Do you have the best security for your subscribers?
FirstPoint’s cellular security solutions can give your subscribers the cyber protection they desperately need .
Contact Us