The telecoms cyber threat landscape in 2021
Is there trouble ahead?
Save to Folio
by Mark Hathaway
Telecoms providers operate some of the most complex IT environments in the world. As a result, the services they provide and the data handle for customers makes them a major target for multiple types of threat actor.
Now there’s an added incentive to improve resilience and visibility into such threats: the new UK Telecommunications Security Act, which will mandate improvements in baseline security. But providers looking to develop a compliance strategy must first understand the nature of the threat landscape.
Attacks from all sides
Telecoms firms have a larger cyber-attack surface than most enterprises—stretching from their base station infrastructure to call centres and home workers’ laptops. This provides ample opportunity for threat actors looking for customer data, trying to hijack customer accounts or seeking to disrupt services via DDoS and ransomware.
Supply chain providers, cloud services, IoT systems and the new infrastructure needed to support 5G and network slicing create additional risk, as do the use of flawed protocols like SS7 and Diameter and severe ongoing skills shortages in the market. Telecoms firms are also more likely to suffer DNS attacks than those in other sectors and SIM swapping remains a serious reputational and security concern for providers.
What happened in 2021?
A quick look at the threat landscape over the past 12 months shows a market with a significant breadth of attack targeting the telecoms sector, including:
- DDoS: A coordinated cybercrime campaign designed to extort money from IP-based communications providers emerged in October.
- Hackers-for-hire: Trend Micro uncovered a new mercenary threat group, “Void Balaur” known for targeting telecoms firms for customer data.
- APT groups: Highly sophisticated campaigns, including ones from likely state actors, were also uncovered this year. One group, known as “LightBasin” targeted 13 global telecoms firms over a two-year period, using custom tools and “in-depth knowledge” of telecoms networks to compromise its targets.
Read Trend Micro’s guide to the new Telecommunications Security Act, featuring a guide and tips to enhance your corporate cybersecurity.