By Serdar Vural, Product Manager, Canonical
Telecom security threats are only set to grow in the coming years due to the increasing value of data, as well as the growing complexity of networks and their importance to the wider world. A wave of recent high-profile attacks against global telecoms organisations demonstrates the issue, with more than 74 million private records of customers leaked onto the dark web.
For business leaders in the sector, the issue of cybersecurity is increasingly concerning, especially with advancements such as 6G around the corner, along with a shift towards more decentralised networks. Telecom companies are increasingly attracting the attention of sophisticated attackers due to the sensitive nature of the data that is carried on their networks. In addition, the increasing use of mobile devices for multi-factor authentication across a wide variety of applications makes telecom networks an even more tempting target.
Attacks vary from aiming to downgrade services using DDoS to attempts to breach data – and both are growing. Forward-thinking business leaders must make the right choices when it comes to automation – which has a significant role to play in securing the telecom industry – and be ready to work with governments and other organisations to defend themselves against the growing security threat.
The evolving threat
Telecoms infrastructure underpins public services globally and is key to how almost every organisation does business. When there’s an outage it can have disastrous effects, everything from affecting medical equipment, to paralysing transport networks and leaking sensitive information. Governments now quite rightly consider telecom networks as critical national infrastructure. In turn, this has led to increasingly tough rules and regulations for operators and service providers. These regulations include stringent data protection laws to protect consumer identity and data, and requirements to secure both infrastructure and software.
The arrival of 5G has meant that telecom companies can offer new services to consumers, but the cost of this is that attackers now have new ways to strike. 5G supports connectivity with many different devices including Internet of Things (IoT) devices, security cameras and more, meaning the attack surface for telecoms networks has grown in recent years. As we look to the future and the impending arrival of 6G, the security issue is only going to grow more complex. Alongside this, the networks themselves are becoming more diverse and decentralised, with network slices running across different hardware. With telecoms becoming woven into emerging technologies such as smart cities and autonomous vehicles, companies must be on the front foot, implementing processes that protect themselves and their customers from day one.
The role of technology in protecting telcos
Automation is particularly important in the case of operating system (OS) hardening. The large number of steps in OS hardening and auditing for every deployment makes it a time-consuming task and also means that workers are prone to introducing human error. Automation is also important in vulnerability management, where it can be difficult to fix all vulnerabilities manually due to the increasingly large software ecosystem. Automation can help to remove repetitive steps from vulnerability management which tend to be where said human error creeps in.
Alongside automating processes, the implementation of artificial intelligence (AI), machine learning (ML) and emerging technologies such as quantum-resistant encryption will also be key here. Telcos are already testing AI in network security, to do everything from detecting fraudulent mobile subscriptions to pinpointing problems with IoT devices. The migration to quantum-resistant encryption will begin in the 5G era, and complete in the 6G era, before the emergence of quantum computers capable of breaking today’s encryption standards.
Automated, scalable and trusted solutions will be key for operators hoping to protect their vital infrastructure – and open source will play a crucial role. The evolution of telecom standards has expanded attack surfaces, leaving infrastructure and running workloads vulnerable. The adoption of open source will provide transparency for operators, naturally boosting security.
Meeting industry standards
The international community will also need to work together to create secure and interoperable standards – something for which the seeds are being sown today. Global governments are already waking up to the critical nature of telecommunications networks to today’s societies and are taking steps to work together more closely in future. The arrival of the Global Coalition on Telecommunications will help nations work together to deal with both today’s threats and tomorrow’s.
Operators must ensure they comply with security standards and adopt scalable systems which can oversee the ever-growing volume of software and ensure that it has no vulnerabilities. Adopting the frameworks developed by national bodies will also be crucial, ensuring that operators can be confident that their systems are equipped with the latest cryptographic measures and security features.
Telecoms and the future
Going forward, telecoms will be central to emerging technologies such as smart cities and autonomous vehicles. In tandem, the complexity of networks and software ecosystems is only going to continue growing, particularly when 6G arrives. As a result, attackers will also grow more sophisticated as the rewards of hacking telecom networks increase.
Implementing automation to reduce human error offers operators a way to take control of their software landscape, alongside embracing national telecom standards and working with global organisations to deal with emerging threats around the world. The world has never relied so much on telecoms: forward-thinking business leaders must work together to ensure the safety of the sector.
