Page 130 - SAMENA Trends - February-March 2021


In 2018, the figure rose by 42% and reached $886,560 on average. To a large extent, this drastic increase can be attributed to slow response time: on average, 3 employees need 17+ hours to mitigate such cybersecurity threats.

Another report from 2018 indicates that telecom providers had the highest volume (30%) of sensitive customer information stolen through DNS attacks when compared to healthcare, banking, education, and public services sectors. In general, 43% of telecom companies were victims of DNS-based malware and 81% needed 3+ days to apply a critical security patch.

DNS Attack Prevention Best Practices
•  Switch from a reactive to a proactive approach to cybersecurity. Start applying adaptive countermeasures.
•  Implement real-time analytics for DNS transactions and gradually build up a behavioral threat detection suite, capable of detecting both known and emerging cyber threats and protecting against data theft/leaks.
•  Enhance your firewalls with ML-driven response policies on traffic to suspicious hostnames.
•  Implement query monitoring and logging for all suspicious endpoints.

4) DDoS Attacks
Telcos are usually the prime target for DDoS attacks. As much as 65% of the global DDoS attacks in 2018 were aimed at communication services providers and the figure still remained high in 2020. Another recent report reveals that the following DNS attacks are on the rise too:
•  Multi-vector attacks – targeting several protocols at once – increased by 65% in the fourth quarter of last year.
•  DNS amplification is the most popular current cyber threat for DDoS attackers. In 2019-20, it has been present in one-third of all attacks.
•  The average attack bandwidth increased to 5 Gbps in 2020 – up from 2 Gbps in 2016.
•  Corrupt cloud servers are under fire too. The volume of DDoS attacks involving these increased to 51%.

Notably, the biggest issue with DDoS attacks for telcos is that a large-scale attack could easily create a domino effect. For instance, an operator network overload would likely affect a customer who co-resides or is reliant on the infrastructure transporting the attack.

How Telcos Can Protect Against DDoS Attacks
•  Set up robust access control lists (ACLs) – your first line of defense. Note, however, that ACLs have a scaling issue. A rapid increase of temporary ACLs, built to resist a large-scale attack, can have a major performance impact on different router hardware and software, making the overall management rather challenging. Thus, it’s best to write several scripts for automatic router configuration and ACL management.
•  Implement black hole scrubbing – a variation of the black hole filtering technique. In this case, the traffic is redirected to a different physical interface – a scrubbing center – that can weed out the good traffic from the malicious one. A number of software vendors offer such solutions.
•  Real-time DDoS monitoring is a must. The best-of-breed tools are now powered with machine learning functionality, meaning their detection accuracy progressively increases over time.

5) IoT Network Security
By 2021, Gartner estimates that some 25 billion IoT devices will be connected to telecom networks. Accommodating such an increased volume of data is just one part of the challenge though. Preventing unauthorized access, securing data transmissions and ensuring smooth monitoring of a much larger attack surface are the key security challenges for telcos.

Despite low adoption, IoT devices have already proven to present both internal and external threats to cybersecurity. First of all, the device itself can be exposed to various cyber threats and vulnerabilities due to manufacturing issues. Secondly, misconfiguration and lack of proper security measures make an IoT device an easy entry-point to the entire network of devices, or worse – the supporting architecture. In short, most attackers will find a way in more easily as the attack surface increases.

Some of the common types of cybersecurity threats happening at network level are as follows:
•  Network congestion
•  RFID interference and spoofing
•  Node jamming in WSN
•  Eavesdropping attacks
•  Sybil attacks
•  DDoS attacks
•  Routing attacks

Offering solid protection against these is a joint responsibility between network operators and IoT users.

IoT Cybersecurity Best Practices
Below are some of the key best practices the association proposes against common cybersecurity threats:
•  Network operators should use UICC-based mechanisms for the secure identification of IoT devices. You can also provide single sign-on services for devices but mind the security trade-offs.
•  Enable secure authentication for all

