Emulate and stay safe, says Cobham Wireless

Emulating attacks can highlight weaknesses, allowing to fix any problems in advance
Robert Winters, director of communications security at Cobham Wireless
Robert Winters, director of communications security at Cobham Wireless

Share

Emulating attacks can highlight weaknesses, allowing organisations to fix any problems in advance, says Robert Winters, director of communications security at Cobham Wireless

CommsMEA: Are telcos more susceptible to ransomware attacks compared to other industry sectors?

Telcos are not necessarily more susceptible. However, as telcos offer managed security services, they do have to ensure end-to-end security for the safe delivery of video, voice and data applications and services. Whilst ransomware is receiving a great deal of publicity at present, telcos are in fact subject to a constant flow of other threats. These come from malware or denial of service attacks, with hundreds of new certified vulnerabilities uncovered every month, and increasing with the influx of mobile devices being connected to the network.

CommsMEA: Which areas of telco operations are the most at risk?

Due to the end-to-end nature of service delivery, there are, unfortunately, multiple interfaces at risk of attack when connecting a mobile user or ensuring seamless transport through the mobile core and internet.

CommsMEA: What should telcos do to make sure their critical data isn’t affected by ransomware?

The most critical data functions related to network service operations will already be protected and not exposed to the same vulnerabilities as most victims of ransomware. So sources of infection such as email, browsing, pop-ups, file sharing, USBs and the ability to worm into other users’ networks would not be present. Very strict user access control would also be in place with heavy usage of firewall/IPS/IDS systems.

CommsMEA: How does Cobham Wireless help in  strengthening security of telcos?

Cobham Wireless encourages regular vulnerability assessments. Our TeraVM product line emulates thousands of attacks, including ransomware. Attack profiles are updated every couple of weeks to our cybersecurity attack database; each unique threat within this database is a proven exploit to violate an application or service. Emulating attacks can highlight weaknesses, allowing our customers to fix any problems in advance.

It’s also extremely important to validate security infrastructure in both normal modes of operation, as well as when dealing with attacks. Adding security like corporate VPNs inevitably adds processing overhead. Therefore, maintaining end user quality of experience even in normal operating conditions, is critical. The level of overhead that is assigned to dealing with an attack is an important KPI when considering new or upgraded cybersecurity systems.

The recent WannaCry attack was preventable if the practices had been in place. Firewalls could have blocked the encrypted malware from being installed, and prevented its spread by detecting counterfeit DNS lookups to the internet, as well as the vulnerability in the networks. The fact that this exploit was allegedly stolen from government databases shows that a holistic approach to security is required.

Editor's Choice

The robots are coming: Impact of AI on executive search
As the technology industry’s elite struggle to agree on the potential impact of AI and a raft of people queuing up to advise on the potential disruption it will cause, this article by John Curtis-Oliver, Partner at Boyden studies the potential impact on the executive hiring and the executive search industry.
Saudi Football changes pitch from MBC to STC
The news comes just a few days after the release of Saudi businessman Waleed al-Ibrahim, who has management control of MBC. Reuters reports senior Saudi officials saying that Ibrahim agreed to an “undisclosed settlement after admitting to unspecified violations”.
HetNets: paving the way for “ultraband” age
Over time, telecom operators will provide consumers with a “universal connectivity” service (to rule them all), incorporating Wi-Fi and mobile broadband as a single resource, in an “always best connected” mode, leading to an ultraband connectivity service.

Don't Miss a Story

You may also like

Mobile penetration reaches 70% in least developed countries of the world
Digital skills gap identified as a key barrier to ICT and internet use in LDCs
New model proposes device to device networks for improved mobile services
D2D technology works similarly to personal hotspots shared between individuals
CASE STUDY: Telecom Serbia transforms customer experience with Avaya
Operator doubles its attainment of SLAs on mobile services with almost zero abandoned calls
Bahrain leads the Arab world in ICT development index
However, substantial digital divides continue to exist between regions and countries