Mobile operators are being urged to be more vigilant against cyberattacks.
Dmitry Kurbatov, co-founder and CTO of SecurityGen, a global provider of security solutions and services for the telecom industry, says the latest security breach at US operator T-Mobile once again underscores network security as both an operational and commercial priority for operators worldwide.
T-Mobile last week revealed that it had suffered a security breach in early January that compromised the data of 37 million customers. The hacker exploited an unprotected Application Programming Interface (API) to breach T-Mobile’s network and obtain a range of customer data, including addresses, phone numbers and dates of birth. In a statement, the operator said that its systems and policies prevented the most sensitive customer information – including financial data - from being accessed.
“The T-Mobile breach is a timely reminder for mobile operators to have in place robust, wide-ranging cyber-security measures that monitor and safeguard every aspect of their networks and which protect their customers as well," says Kurbatov.
“When it comes to protecting APIs, there are basic steps to follow,” he says.
“They include ensuring that all API calls are properly authenticated and authorised: validating all input data received by the API to ensure that it is in the correct format and does not contain any malicious code: limiting the amount of data exposed through a single API: and also regularly testing APIs for vulnerabilities and security weaknesses.”
Kurbatov went on to explain why hackers target mobile operators.
“Operators generate large revenues, serve millions of customers, and store and carry enormous volumes of data. It’s these factors that make them high-value targets for hackers and cyber criminals,” he says.
Last week’s news follows a similar incident in August 2021 when a hacker accessed the data of 7.8 million T-Mobile customers plus over 70 million former and prospective customers. Following the breach, the operator incurred a USD$350 million fine from the FCC and also agreed to spend US$150 million to enhance its cybersecurity. T-Mobile has also been the target for high-profile cyberattacks in 2020, 2019 and 2018.
“Even in instances such as this when no highly sensitive data is compromised, history tells us that the loss of personal information to a cyberattack undermines customers’ trust in their operator. Data theft is costly to operators - both in terms of damage to their brand and the legal fees they have to pay,” says Kurbatov.
“Telecom security is an ongoing process that requires constant vigilance. Operator security teams must continually update their processes and policies to confront current risks and threats - and also prepare for new ones that are emerging with the growth of 5G and the ecosystems of third parties working together on 5G products and services," he says.
"Because 5G networks provide an expanded range of services and connect an expanded number of devices, they offer an expanded attack surface for hackers to exploit.”
Earlier this month, SecurityGen shared its top cybersecurity challenges for mobile operators for the coming year, including 5G’s vulnerability to attack.
“5G’s open architecture enables easy integration with other systems and technologies – but this also leaves 5G vulnerable and exposed to new threats and hidden vulnerabilities,” Kurbatov explains.
“Operators also need to be wary of roaming traffic from non-standalone 5G and legacy networks. Although these threats originate from non-5G networks, they are still able to damage and disrupt 5G services.”
Other leading threats for operators identified by SecurityGen include cyberattacks from hostile states and organised crime groups and advanced ransomware attacks. SecurityGen is also calling for greater industry collaboration to encourage knowledge-sharing and to solve the current cybersecurity skills shortage.
Source: https://securitybrief.co.nz/story/mobile-operators-urged-to-be-more-vigilant-against-cyberattacks