Security Threat Intensifies for Service Providers

ORLANDO, Fla. -- COMPTEL Plus Fall 2013 -- Service providers are still not taking security seriously enough, according to panelists here, including a Florida-based FBI agent.

Citing an Arbor Networks study that showed 50 percent of telecom service providers lack protection against distributed denial of service (DDoS) attacks -- the most common threat to IP service -- Teri Francis, VP of customer solutions at NTT Communications Corp. (NYSE: NTT) Global IP Network, said there is still too much ostrich-like behavior going on in the service provider community.

"Many executives don't even know what a DDoS attack is," Francis said. "There is a head-in-the-sand mentality that if it hasn't happened to me, it won't happen."

The problem can also be organizational: Some companies have a single security authority while others distribute that authority and may be leaving themselves vulnerable as a result, said Level 3 Communications Inc. (NYSE: LVLT) CTO Jack Waters.

The purpose of this panel was to scare the service providers present into being more realistic about the prevalence of cyber-security attacks and convince them to be more prepared and take more precautions.

Waters also cautioned that attackers are getting smarter about whom they target: Network operations center (NOC) technicians are targeted more often because attackers are looking to get access to their network credentials to do more damage, he said.

One new form of mobile attack is known as "smishing," according to Louis Archibald, senior consultant in the Rapid Response Retainer team at Level 3 Communications Inc. (NYSE: LVLT).

Victims receive a text message on their cellphones from an unknown party, and it contains a link. If they click on that link, the bad guys "own your phone," he cautioned. In the era of bring-your-own-device (BYOD), mobile phone security is an issue for enterprises because of the potential commingling of business data on personal phones that aren't adequately protected from attack.

Senior FBI Agent Todd Renner advised telecom service providers to contact federal authorities any time there has been a breach, something he says is not currently happening. While there are multiple federal agencies dealing with cyber security, the important thing is to contact someone, and the FBI is one place to start.

Renner also agreed with other speakers who said organized crime is increasingly involved in cyber threats and will often use DDoS attacks as diversions in complex schemes against high-value targets such as automated payroll processes. Renner said the bad guys can actually be patient -- they sometimes gain a presence in computers via security breaches but then wait years to act.

— Carol Wilson, Editor-at-Large, Light Reading

pdonegan67 9/25/2013 | 3:26:00 PM
Re: End User Biggest Factor
Good point. When you deliberate over the difference between security for smartphones and security for M2M apps, at least you know you can trust the machines not to do something stupid.
Phil_Britt 9/25/2013 | 12:39:45 PM
End User Biggest Factor
Not to say that telecom firms can't do more, but no matter what they do, if the users don't follow safe practices, it won't matter.

Some of the most common passwords are "password," a sequence of numbers such as 1234 or something else that can be found via a simple search (phone, address, birthday).

Several people also put out too much info on social media. Perhaps users should have to follow some simple security procedures just to activate a new phone.
brookseven 9/25/2013 | 11:42:23 AM
Re: Many operators don't know what they don't know
Patrick,

Also, remember most malware is hosted on websites... many of which are legitimate. So they not only need to watch their traffic, but their hosted content.

pdonegan67 9/25/2013 | 9:27:21 AM
Many operators don't know what they don't know
Without getting overly Rumsfeldesque, one of the issues this piece alludes to is that many operators still don't know what they don't know where malicious traffic is concerned.

An awful lot of them still don't know precisely how much malicious traffic they are carrying - either as a conduit to third party end targets (consumers' devices or the networks of enterprise customers) or bound for their own network elements.

When operator CTOs do bother to open up the kimono they are often alarmed at the variety, volume and sophistication of the malicious traffic they are actually carrying in their own networks. This is driving greater awareness of the potential damage some of this traffic can do to their own networks or their customers or both.

Particularly where the mobile network is concerned, most network outages and service degradations are still caused by cock-up rather than conspiracy. But be in no doubt that attackers will try and close that gap in the coming years.

Each operator needs to determine for itself whether or not they are going to allow them to succeed.
