Head in the cloud DevOps people don’t know there’s a hybrid war on
Insecurities created by the hyperscaling of mobile networks make them perfect soft targets for cyber-crime and military aggression, a new report by security provider AdaptiveMobile (AM) has warned. In the report, Spectrum of Violence: Mobile Network-enabled Attacks in Hybrid Warfare, security service provider AM explains why mobile operators need to buy more security services. It claims mobile networks are insecure because networks expand by automation and are secured by manual intervention. Worse still, the security manager has a much bigger workload than the development operator, who spins up new servers in a few mouse clicks.
Hyperscale is insecure, go configure
With both Core and Radio Access Networks (RANs) being vulnerable to protocol-manipulating attack methods such as SS7 and SIP, DNS, DDoS and the IoT, security managers are presented with a long list of variables that need to be configured, the report says. There is a huge disparity in workloads. The Security Manager must take pains to work their way through DNS security tools, enabling one thing, disabling recursions, updating variables and configuring their access control lists. By contrast, in a fraction of that time, their counterparts in Cloud DevOps can spin up ten more systems that need to be secured. The AdaptiveMobile report says organised criminals, surveillance companies and state-level actors can all see weak spots in the core networks of mobile operators, but the targets can vary. The main threats are location tracking, content interception, fraud (against the operator or the subscriber), phishing and malware delivery, denial of service and information harvesting.
Here come the Cyber Cossacks
Meanwhile, the media has warned that Russia could target European and US banks with a coordinated cyber-attack in response to the Ukrainian border conflict. The European Central Bank has told banks to conduct cyber war games to test their ability to fend off a potential attack, with financial regulators on high alert for a new strike. The New York Department of Financial Services has also issued an alert to financial institutions warning of cyber-attacks, according to Thomson Reuters’ Regulatory Intelligence.
DevOps make gains, SecOps take pains
Mobile operators should be aware that cyber security management is a ‘continuous iterative process’, according to Konstantin Besfamylnyi, practice leader of technology, media and telecoms at service provider Intellias. “Securing data, systems and networks against the most sophisticated cyber threats requires adaptive governance, protection, detection and response strategies.”
“Telco security officers must be one step ahead of the threats – both internal and external – because breaches don’t just affect the mobile network operation but can ripple through the entire subscriber ecosystem,” said Besfamylnyi.
Criminally insecure
Meanwhile, another report says the criminal underground has many online marketplaces selling malware, stolen financial and healthcare data, or hacking tools. Many malware menaces are shopping on bot markets, security analytics company Cognyte says in a new report. Bot markets are automated stores that sell stolen login credentials. Cognyte identified four of the most active bot marketplaces in 2021: 2easy, Amigos, Genesis and Russian Market. Of the nearly 5.3 million login credentials stolen between 2019 and 2021 that Cognyte looked at as part of its research, 73 per cent were collected in 2021. The majority, 71 per cent, of the login credentials offered for sale in 2021 were on the Russian Market, Cognyte said.