Page 134 - SAMENA Trends

Page 134 - SAMENA Trends - February 2020

P. 134

ARTICLE SAMENA TRENDS

some examples of different market sectors operators. These signalling attacks have that 75% of the responding operators cited
that are totally dependent on resilient, risen to global attention since 2014, and are complexity and cost as the main issues
always available telecommunication continuing to increase in sophistication. blocking implementation of advanced
networks. Mobile networks, due to their Espionage on a massive scale abusing countermeasures to signalling exploits
convenience, pervasiveness and increasing mobile telecom networks is being – this indicates that there is potentially
innovation (5G) must be considered continuously conducted by a few well still a lack of understanding regarding
critical infrastructure and their ensured resourced, competent security agencies in the potential severity of attacks against
security and protection must be at the top the MENA region. Call intercept, location the network, with losses on a total outage
of Government agendas if their ambition tracking, data download and device running into the millions.
is to support the digital aspirations of its hijack are now an everyday occurrence
citizens. and unfortunately due to a lack of Carrier Proper National Security Strategy
security focus/knowledge, is getting There are multiple players who are
Cyber-Security and Protecting Against the easier everyday. The old proverb, “HE WHO working to secure critical communications
Future of Warfare KNOWS NOTHING ,FEARS NOTHING”, rings infrastructure through regulation,
Media headlines the world over have been true here! government mandates and operator’s
prophesising devastating scenarios from security measures.
cyber-attacks, and the conversation has The global interconnected nature of tele-
turned from what could happen, to real- communications networks has undeniably It should be noted that the majority
life news stories of attacks. contributed to the rapid development of of a nation’s key telecommunication
society overall by enabling cheap, easy, infrastructure is essentially divested to
This is compounded by industry predictions global collaboration and access to shared private/public companies. Under GDPR,the
that the next war will be a cyber-based one knowledge resources. At the same time, it recent European data regulation (May
– to be waged via “computers, servers and has provided a headache for some govern- 2018) operators now own the subscriber’s
digital weapons”. Cyber-warfare threatens ments whose motivations may be to stifle data security responsibility, but it’s an
our connected future and becomes those who are perceived as a threat to their open question as to whether they have
exceptionally relevant when it’s realised own political views and agendas. any responsibility in protecting the actual
that the underlying telecommunication country in which they operate.
infrastructure has been vulnerable to Throughout the course of AdaptiveMobile
attacks for a number of years. Security’s experience with working The issue of national telecommunications
with mobile operators across the world, infrastructure security is further
Mobile networks , due to we continue to see evidence of state- complicated by the fact that regulators
their convenience, perva- sponsored security probing, intelligence across the globe are often funded or part-
gathering, location tracking, and voice /
funded by mobile operator levies or fees –
siveness and increasing messaging / data interception against the very entities that they are supposedly
innovation (5G)must be individuals. Telecommunications is regulating.
an entirely different paradigm now,
considered critical infra- with vast services running across the One of the most significant concerns, both
structure and their ensured networks adding a layer of complexity and from a national security perspective and for
complication most governments to date
the normal running of an operator’s day-
security and protection have chosen to overlook. to-day business comes from the potential
must be at the top of Gov- effects of security weaknesses or defects
ernment agendas if their Despite this, a significant number of in the core components that a network is
made up from. These types of issues are
providers
telecommunication
remain
ambition is to support the relatively open to attack today. In the of particular relevance if the equipment
digital aspirations of its European Union, the Agency for Network vendor is based in a foreign country (as
(ENISA)
Security
Information
and
is most often the case), and where the
citizens . published an evaluative report on the nation state of that vendors home may
state of signalling security in telecoms be at odds with the nation hosting the
As is well-researched and documented, SS7/Diameter/5G, “EU level assessment communications network.
signalling networks using protocols such of the current situation”, in March 2018.
as SS7, Diameter and GTP are under This highlighted that at the time of We know from our work with operators
attack from adversaries and fraudsters, the report, only 28.21% of responding across the globe that progress is being
exploiting loopholes in the protocols networks had implemented a signalling made. Many carriers have deployed
to breach subscriber privacy, intercept firewall to guard against malicious protective measures and many more
communications, deny access to key attacks originating from the international have a strategy in place to ensure their
services and to directly defraud mobile interconnect points. The report also states networks are secured, yet attacks continue

134 FEBRUARY 2020

129 130 131 132 133 134 135 136 137 138 139