In many ways, telecom companies are no different than other companies when it comes to cybersecurity. They’re potential targets because they handle sensitive and valuable data.
However, telecom companies are in a class by themselves when it comes to defending cyberattacks. The sheer number of different threat vectors makes telecom companies uniquely vulnerable. Perhaps that’s why so many have been targeted in the past.
Telecom Data Breaches
Telecom companies may not be the most targeted industry, but they’re near the top due to the value of their data. According to cybersecurity firm EfficientIP, 43% of telecom operators suffered from DNS-based malware attacks in 2018. That’s almost half the companies being targeted by just one type of attack. And that was five years ago. Things have ramped up since then.
Cognyte’s Threat Intelligence research group has been looking into recent attacks on the telecom industry. While there has been an increase in nation-state groups’ activities, a more troubling trend seems to be the overall increase in cybercrime against the telecommunications sector.
A compounding factor is the length of time telecom companies have been taking to report on a data breach. Now the FCC wants to “eliminate the outdated seven business day mandatory waiting period” and require operators to quickly notify the agency, law enforcement and customers of major data breaches. This new rule is a testament to how valuable telecom data is.
Telecom Data Threats
Because telecom products and services are used to tie together almost every facet of other businesses, just about everything they do is part of an attack surface. They have to defend everything they offer.
Georgia Bafoutsou, Cybersecurity Officer at the European Union Agency for Cybersecurity (ENISA), highlights the most impactful attack vectors telecom companies must defend against:
- Distributed denial of service (DDoS) attacks
- Network intrusion
- Signaling attacks
- SIM swapping
- Targeted attacks
- Smishing attacks
- Supply chain attacks
As you can see by the list above, there is no one cybersecurity tool that will defend against all those threats. Consequently, for telecom companies to effectively defend their offerings from attack, they’re going to have to adopt an organization-wide discipline, that probably involves multiple cybersecurity tools, and is employed continuously, on an on-going basis, indefinitely.
Is there such a discipline that can help telecom companies address all their threats? Yes, there is. Threat modeling.
Threat modeling is not a one-time project. It is an on-going process, a discipline that organizations adopt to identify and mitigate all technological and business risks associated with their attack surface. It is the exact type of process telecom companies require to address the wide variety of threats they face.
A good way to jump-start a threat modeling process is to employ a scalable, automated threat modeling tool like ThreatModeler. ThreatModeler is a close to one-click threat modeling as there is today. More importantly, it is threat agnostic. In other words, it helps you identify and mitigate all the different types of threats highlighted above.
If you’d like to learn more about ThreatModeler, we encourage you to reach out to us here.