Telecom networks are a crucial part of society. They provide services, applications, and communication channels that we simply cannot do without. It’s a critical industry, not just because of the billions of users connected all over the world, but because of the other industries and services that rely on the infrastructure — not least the emergency services.
The COVID-19 crisis — and the mandated self-isolation and quarantine measures that have come into effect across the globe — have made the telecoms industry more vital than ever before. Unfortunately, there is a risk that malicious actors will try to exploit this time of crisis to undermine the networks.
We have made a checklist of the top threats telecoms operators should be one the look out for during the crisis:
Attackers trying to steal customer’s money
Financial services and mobile services are tightly integrated throughout the world. Now that customers cannot physically visit a shop or their bank, the mobile network is relied upon more than ever. Unfortunately, there are a number of attack techniques that cyber criminals use to exploit the connection between mobile and money.
For example, 86 percent of networks are vulnerable to SMS interception attacks, which can be used to steal the one time passwords often issued by banks or shopping services over text messages. This is a common problem — Princeton University has listed almost 100 websites vulnerable to SMS interception.
Almost 100% of networks are also vulnerable to SIM spoofing or impersonation. These techniques are specifically useful together with social engineering to commit fraud.
Attacks looking to exploit resources and data
With more information traveling over mobile networks while people are working from home, there is also more risk of hackers exploiting the network to extract user data. This can also be done using the SMS interception attacks outlined above, as criminals try to hijack user credentials and access their accounts.
However, through the network hackers can also try to extract other data, such as people’s location. A massive 75% LTE and 87% of 2G/3G networks are vulnerable to subscriber location disclosure, and our analysis of real attacks against operators and subscribers shows that on average we detect 1,433 attempts of subscriber tracking location per day.
Hackers are constantly evolving and updating their hacking techniques which, unfortunately, means that — according to our data — mobile network operators have become more vulnerable to attack techniques over the past three years.
A particular type of technique that almost all networks are vulnerable to is Denial of Service (DoS) attacks. The possibility of hackers stopping network access for any services is especially worrying at this time. Not only could it grind day to day work to a halt, for those relying on the mobile network for their jobs, but it could be detrimental to emergency services.
Monitor and protect
The reliance on telecom services during this time of crisis means Mobile Network Operators are more likely to be targeted by criminals and that they have increased responsibility to protect their subscribers.
The solution is for operators to monitor the signalling networks at protocol level, to quickly identify vulnerabilities before they strike and make sure existing security measures are getting the job done. With greater visibility into infrastructure vulnerabilities and securing customer services at this critical time, networks can ensure foster customer loyalty and trust.
How we can help:
Download the Work From Home checklist to make sure your company has all its security bases covered.
Explore our Express Monitoring service for a quick evaluation of your signaling network’s current protection level. /services/express-monitoring/