Diverted or rerouted traffic
One tactic employed by cyber terrorists is to reroute internet traffic from a particular operator to a less secure jurisdiction. In doing so, they can wrest control of critical functionality away from a government or business, spy on sensitive information and alter documentation.
Once achieved, the perpetrator can then charge a ransom for return of access. Even worse, the cyber criminal may decide to retain control of functionality for their own nefarious purposes.
Cyber criminals are now able to make use of smartphone based bots to launch Boarder Gateway Patrol and Network Time Protocol attacks.
One example of this occurred in March 2015 in the UK, when internet traffic from 167 sensitive accounts, including one belonging to a contractor responsible for the UK’s nuclear warhead programme, was temporarily diverted to servers in Ukraine and held there for almost a week.
While this situation was neutralised with no major fallout, it is easy to imagine the potential for carnage in such a situation.
Malware targeting inexperienced users
As billions of people around the world opt to work and study from home, operators are facing an unprecedented surge in demand for capacity on their networks. A recent study estimates that 41 per cent of people currently working from home are doing so for the first time and lack the basic understanding and internet skills to adequately protect themselves online. In short, the Covid 19 pandemic is stretching the limits of the security chain, exposing literally millions of potential weak links.
Cyber criminals are doing their best to exploit this situation, launching a plethora of phishing and social engineering attacks to harvest user data and access networks.
Operators in the US and Europe have seen a surge in robocalling and Wangiri attacks, over the past 12-18 months. While operators here in the Middle East have encountered fewer of these types of incursions they still present a significant problem. With mobile networks in the Middle East being generally newer and more technologically advanced than those in Europe and the US, they are more resilient to these types of attack and are better able to mitigate these types of threat.
Operators in the Middle East have seen more of an increase in SS7 style attacks and also Denial of Service attacks. Oftentimes, these attacks are financially motivated, with the perpetrator trying to steal funds directly with an SS7 attack or to try to blackmail an operator or enterprise into paying a ransom to reinstate services after a DoS attack. Cyber criminals are also trying to take advantage of new users signing up to insecure apps, during the Covid 19 pandemic.
We’ll be diving deeper into all of these topics, during our forthcoming webinar with Etisalat and NetNumber.
On Tuesday the 23rd of June 2020, CommsMEA will be joining forces with Netnumber and Etisalat Group to bring you an exclusive webinar focussing on network security. Entitled “Why next generation connectivity demands next generation security,” the webinar will draw on a wide range of industry experts, as we discuss the latest strategies and techniques for staying one step ahead of the cyber criminals. How can the region secure its connected assets against the threat of cyber terrorism? What role will the GSMA and other industry bodies play in securing our networks? Are operators in the region equipped to deal with the challenges of life in the new ‘post-Covid 19’ era? We’ll be tackling all these questions and more during our hour long discussion.
You can attend the webinar for free by clicking this link.