Skip to main content

Cyberattacks draining telecoms’ resources

(Image credit: Image Credit: Lolloj / Shutterstock)

Each month customers pay telecoms larger and larger bills but where does that money actually go? You would think it would help these companies expand their 4G coverage or prepare for the rollout of 5G. However, a large chunk of your monthly bill is actually being used to fend off cyberattacks.

TechRadar Pro spoke with EfficientIP’s VP of Strategy Ronan David to learn how cyberattacks are taking funds away from telecoms’ 5G rollouts as they look to protect their customers and the data they store.

Why do telecoms take longer to respond to cyberattacks than other businesses?

Telecom organisations take longer to respond to cyberattacks due to the complexity of their networks. They are much more distributed and extended, along with having far more customers connected than other industries. The data they transmit across the network is also massive in size by comparison.

In addition, their core business is to provide a continuity of service. Telcos cannot just cut their network when under attack as other businesses can. This would affect end users that rely on and pay for consistent network availability. Therefore, Telcos must be constantly "up", and ensure service continuity at a much higher scale than enterprise businesses. In the end, it's a matter of scale.

(Image credit: Image Credit: Mopic / Shutterstock)

Why has the cost of DNS attacks to telecoms risen so dramatically over the last 12 months?

Attacks over the last 12 months have become more and more sophisticated, and therefore the consequences related to business continuity have been more impactful than previously. Furthermore, as shown in our annual survey reports, the number of attacks has increased since 2017 by 65% and it has taken businesses more time to mitigate these attacks. Put simply, more attacks + longer to fix = more cost.

How can mobile operators better protect themselves from falling victim to a DNS attack?

The challenge in the telco market is often to protect against highly-distributed denial of service (DDoS) attacks that can easily cripple a network. Solutions must be deployed that can protect against volumetric attacks like DDoS Secondly, telco organisations  need to be able to perform in-depth traffic analysis in order to protect against low signal attacks. This combination of performance and intelligence is a challenge for any protocol. By implementing purpose-built DNS security systems with adaptive countermeasures to ensure service continuity and data confidentiality, mobile operators can efficiently protect their DNS services. 

(Image credit: Image Credit: Rawpixel.com / Pexels)

Is cybersecurity training readily offered at telecoms and if not do you think it should be?

Due to the growing number and vast variety of threats, cybersecurity training needs to be offered to all industries. We can imagine that in the telco market, being extremely exposed, they are taking this responsibility very seriously. However, without the proper network security solutions within their architecture, no amount of training will fully protect from threats.

Has the threat of being penalised under GDPR motivated telecoms to take cybersecurity more seriously?

We believe so, because as well as financial implications, attacks cause severe brand damage, which can lead to increased customer churn. This is something telcos always try to avoid. Telcos understand that prevention of data exfiltration is key to customer retention. As cyber criminals often target exfiltration of data via DNS, telcos have started to put top priority on monitoring and analysis of DNS traffic to prevent data theft and help meet GDPR compliance.

What advice would you give to telecoms looking to improve their security?

Work towards having holistic network security. This involves making sure as many pieces of the network as possible are secure – and try to get them working together by passing around threat information/events. Existing endpoint solutions and NGFWs already in place should be augmented with complementary security solutions. DNS plays a critical role in every network and has unique visibility over network traffic. Therefore, a purpose-built DNS security solution should be the first line of defense for any network to protect against today's wide range of attacks.

Do you believe AI-based security solutions could one day help businesses protect themselves online?

It's already a reality! AI and ML (Machine Learning) currently help considerably with building up threat intelligence. We see this with domain reputation, where machine learning helps to identify malicious domains being used by hackers for phishing or C&C and malware activities. Organizations can and should take advantage of these solutions if they want to protect their business.

Ronan David, VP of Strategy at EfficientIP