PREVIEW:

According to research, for the past seven years, hackers have penetrated mobile operations with a dozen Telecommunication Services Providers (TSPs). These hacks gained complete control of their networks, exposing call data records of hundreds of millions of customers.¹ However, the researchers noted that the geolocation data, call logs, and text message records were stolen from less than a 100 targeted high-profile victims with positions in government and the military.

This discovery raises a serious question. Is this the work of nation-state hacking groups seeking intelligence on foreign operations? Researchers say “yes.” Governments are exploiting telecoms to engage in covert surveillance.² Geopolitical unrest is helping to fuel cyber espionage, using illicit computer access to steal confidential information. These widely publicized hacks have damaged reputations and breeched data confidentiality and privacy agreements with customers. Fears of election meddling are stoking fears so high that US officials issued warnings that nation-states are attempting to manipulate public opinion ahead of the 2020 elections.³

With so much at stake, how are such intrusions possible? Attackers are using tried-and-true hacking methods. They’ve exploited known vulnerabilities, including malware hidden in a Microsoft file or an exposed public server on the internet to gain access.⁴ The malware then searches computers on the same network and floods the compromised network with login attempts until the hackers locate the crown jewels – caller data records database. Additionally, attackers spoofed personal social media pages of privileged users within a targeted organization to unleash malware on their computers. Elevated access privileges have been used to penetrate the network.⁵

In this paper, we’ll explore the modern telecommunication service provider (TSP), and help define what steps can be taken to better secure the internal infrastructure and safeguard customers. With TSPs dynamic landscape, the ongoing pressures to transform digitally, and the anticipated rollout of 5G mobile networks, advanced cyber security will become even more essential.

The Modern Telecommunications Service Provider

Rapidly advancing communications technologies and market pressures to digitize operations have altered today’s TSP into a new breed of business beyond basic telecom services. The new formula blends consumer and business communication services to speed growth and increase revenues. A single provider can offer consumers analog and digital landline and mobile, broadband internet, and media entertainment. For businesses, telecoms offer managed services focused on communication, security, data center, network, among others. AT&T Inc. is the world’s largest telecommunications company with recent annual revenue soaring to $183 billion.⁶ It’s not only the largest provider of mobile and landline telephone services, but as the parent company of WarnerMedia, AT&T is now one of the largest media and entertainment companies in the world. Its diversification is exemplified by its own description as a “modern media company whose mission is to inspire human progress through the power of communication and entertainment.” ⁷

^{Download the full text here.} 

1 “A hacker assault left mobile carriers open to network shutdown,” by Alfred Ng, c|net, June 25, 2019
2 “Global Cyber Executive Briefing: Telecommunications,” Deloitte.
3 “U.S. Elections are Still Vulnerable to Foreign Hacking,” by Tim Lau, Brennan Center for Justice, July 18, 2019
4 “A hacker assault left mobile carriers open to network shutdown,” by Alfred Ng, c|net, June 25, 2019
5 “Global Cyber Executive Briefing: Telecommunications,” Deloitte.