According to research, for the past seven years, hackers have penetrated mobile operations with a dozen Telecommunication Services Providers (TSPs). These hacks gained complete control of their networks, exposing call data records of hundreds of millions of customers.1 However, the researchers noted that the geolocation data, call logs, and text message records were stolen from less than a 100 targeted high-profile victims with positions in government and the military. This discovery raises a serious question. Is this the work of nation-state hacking groups seeking intelligence on foreign operations? Researchers say “yes.”
Governments are exploiting telecoms to engage in covert surveillance.2 Geopolitical unrest is helping to fuel cyber espionage, using illicit computer access to steal confidential information. These widely publicized hacks have damaged reputations and breeched data confidentiality and privacy agreements with customers. Fears of election meddling are stoking fears so high that US officials issued warnings that
nation-states are attempting to manipulate public opinion ahead of the 2020 elections.3
With so much at stake, how are such intrusions possible?
Attackers are using tried-and-true hacking methods. They’ve exploited known vulnerabilities, including malware hidden in a Microsoft file or an exposed public server on the internet to gain access.4 The malware then searches computers on the same network and floods the compromised network with login
attempts until the hackers locate the crown jewels – caller data records database. Additionally, attackers spoofed personal social media pages of privileged users within a targeted organization to unleash malware on their computers. Elevated access privileges have been used to penetrate the network.5
In this paper, we’ll explore the modern telecommunication service provider (TSP), and help define what steps can be taken to better secure the internal infrastructure and safeguard customers. With TSPs dynamic landscape, the ongoing pressures to transform digitally, and the anticipated rollout of 5G mobile networks, advanced cyber security will become even more essential.
1 “A hacker assault left mobile carriers open to network shutdown,” by Alfred Ng, c|net, June 25, 2019
2 “Global Cyber Executive Briefing: Telecommunications,” Deloitte.
3 “U.S. Elections are Still Vulnerable to Foreign Hacking,” by Tim Lau, Brennan Center for Justice, July 18, 2019
4 “A hacker assault left mobile carriers open to network shutdown,” by Alfred Ng, c|net, June 25, 2019
5 “Global Cyber Executive Briefing: Telecommunications,” Deloitte.