Hacktivists' threat to infrastructure and AI among largest cybersecurity trends – Orange CyberdefenseHacktivists' threat to infrastructure and AI among largest cybersecurity trends – Orange Cyberdefense

Orange Cyberdefense has released a report summarizing its research into cybersecurity topics and trends, putting the spotlight on hacktivists and AI, while also detailing threats to mobile infrastructure.

Tereza Krásová, Associate Editor

December 5, 2024

4 Min Read
Red security padlock on a dark background
(Source: Kiyoshi Takahase Segundo/Alamy Stock Photo)

Orange Cyberdefense has released its Security Navigator 2025, a report summarizing its research into cybersecurity threats and latest trends. The scope of the report covers a broad array of cybersecurity threats, including threats to mobile networks, hacktivism and generative AI-enabled attacks.

Hacktivism in particular has been highlighted as an emerging threat, with Orange Cyberdefense's head of security research, Charl van der Walt, saying during a press event in London yesterday that the term has evolved in the last ten years or so and is now dominated by state-aligned groups, blurring the line between state and criminal. These groups carry out attacks aligned with a country's geopolitical goals, with a step change in the volume of such attacks following Russia's invasion of Ukraine.

The research focused on one specific group, said to be the most prolific one with 6,600 attacks since 2022, which targeted Europe in 96% of cases. The most common strategy, van der Walt said, are distributed denial of service (DDoS) attacks. The targets they select focus not only on tangible disruption, but also erosion of public trust in the state.

At the same time, the Security Navigator also points to an increase in more sophisticated attacks on assets like utilities, factories, transportation and telecom infrastructure attributed to hacktivists. "They seem to be developing a proficiency which is actually very scarce, which is the ability to attack and impact complex industrial control systems," van der Walt said.

Hacktivists are now responsible for almost a quarter of serious operational technology (OT) attacks. These attacks target infrastructure assets, mainly in the manufacturing, energy, healthcare and transportation sectors, and have emerged due to ongoing convergence of IT and OT systems, which used to be strictly separated. Orange Cybersecurity, which has protection against such attacks as part of its product suite, notes that 46% of them succeed in manipulating the asset.

The threat to telecom

Asked about OT attacks targeting telecom infrastructure, Sara Puigvert, global operations EVP at Orange Cyberdefense, said it hasn't been among the most prominent sectors attacked. However, she highlighted attacks targeting US operators in the run-up to the presidential elections.

There are notable examples of hackers targeting mobile infrastructure in 2024, according to the report. Some focused on international mobile subscriber identity (IMSI) catchers, which are described as fake basestations mimicking cell towers, used to capture communications or send SMS to individuals.

Other vulnerabilities arise from SIMs. Notably, traditional SIMs are exposed to SIM swaps where a phone number is switched to a different SIM card, allowing them access to phone calls and texts, as well as anything verified via that number.

And while eSIMs are thought to be a more secure way to authenticate a device, they also come with some vulnerabilities. They are activated by the user, which opens up space for phishing or "smishing" (phishing attacks via SMS), resulting in eSIM swapping.

One of Orange's operators saw fraudsters carry out an eSIM swap attack involving phone calls impersonating the operator, during which they persuaded 14 individuals to share one-time passwords and gain controls of their numbers. 

The report also notes the growing complexity of mobile infrastructure has increased the attack surface of the network.

The GenAI factor

GenAI has, of course, been one of the big topics of the year, and one that's had serious implications for cybersecurity. The Security Navigator points to hackers' use of the technology to create more persuasive phishing content and deepfakes, which can be used for fraud.

More realistic content is, however, not necessarily the "magic bullet" criminals want, according to van der Walt, with a greater volume of attacks being a better way for them to reach their goals.

Still, he argued that with GenAI being in essence an efficiency tool on both sides, there is an asymmetry that favors the attackers, rather than those protecting against them. By nature, the criminal has the ability to experiment and fail, allowing them to learn faster.

Cybersecurity focus

Alongside the report, Orange also released a tool to help navigate cybersecurity's language and landscape, explaining different terms and how they are related.

Cybersecurity has become a big focus for Orange as a group.

In 2023, Orange Cyberdefense's turnover reached €1.1 billion (US$1.16 billion), and the unit says it counts more than 9,000 large companies among its clients, as well as more than 40,000 small and medium-sized businesses.

Read more about:

Europe

About the Author

Tereza Krásová

Associate Editor, Light Reading

Associate Editor, Light Reading

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like