Security Experts Warn of More Dangerous Attacks

June 12, 2017

Blog

Gautam Hazari, Technical Director, Identity, GSMA

We are in a race against time to develop defences capable of dealing with increasingly dangerous cyber threats, security experts have warned. This was the consensus among the wider mobile industry’s leading security experts at last month’s Mobile 360 Series Privacy and Security conference in The Hague. The event, which is designed to establish common approaches to solving the security issues of the day, was in large part, dominated by the severe impact of recent malware attacks, most notably WannaCry, which affected major institutions across the globe.

One of the chief concerns was the lack of global coordination in countering cyber-attacks, which according to attendees, looked increasingly capable of the threatening life and extracting money from its victims. Experts were particularly concerned that cyber attackers, after successive high-profile attacks, are becoming more emboldened, and are beginning to turn hacking on an industry. Drawing on WannaCry as an example, experts warned that, with its various payment schemes and corresponding levels of ‘customer support’, malware was adopting more sophisticated ways to force users to pay.

Speakers argued that ransomware has the potential to pose direct threats to human safety with the increase of new connected devices and services. Attendees predicted a rise in attacks that are concentrated over a very short time frame, forcing people to make payments in a very small window of opportunity to avoid damage. In such instances, connected cars, air and water quality monitors, intelligent transport systems and smart utilities are just a few things which could be targeted to devastating effect.

Yet there are ways in which such a situation can be avoided or mitigated. The first step involves industry-wide acceptance of the logic that, ‘we are only as strong as the weakest link’, and that companies should therefore share best practices and make each other aware of security flaws when they become apparent. Telefónica, for example, stressed the importance of transparency when dealing with cyberattacks; sharing information and being honest with customers is the best way to alert others to security threats and retain consumer trust, respectively.

Many agreed that raising awareness of security and privacy should be a crucial part of any strategy to reduce attacks. There was agreement that the onus was on the industry to educate consumers, yet to do so in such a way which accepts that they could not be expected to take long, complex steps to improve their security.  General awareness could also be raised by governments and regulators taking a more positive approach to educating its citizens, particularly through passing regulation which sets minimum standards for security and privacy.

To this end, the event also hosted a debate on the EU’s new incoming General Data Privacy Regulation (GDPR), designed to give user’s more control of their data. Here, experts were keen to highlight that, before implementation, the industry should take steps to ensure that it could work with the fast pace of change of digital identity.

Many experts argued that the industry needed to work closely with regulators to make sure as many companies as possible were GDPR compliant and that they could fulfill GDPR’s aim to protect consumer privacy by ensuring they share information according to what the consumer has allowed.

For more information on how Mobile Connect can be used to protect users’ data, please visit gsma.com/mobileconnect

 

Back

Driving Mobile Connect Usage – Turkcell Looking to improve its customers’ experience and further differentiate its proposition, Turkcell launched Mobile Connect initially on its self-care mobile application and websi...

Read more | See all Identity Resources

Mobile Connect London Summit: Presentations Taking place on the 25th and 26th April, the Mobile Connect London Summit was a forum for leading figures in the wider mobile industry to debate the most pressing issues in the...

Read more | See all Identity Resources

The PSD2 Opportunity: Mobile Operators and Fintech This paper discusses the opportunities relating to the partnership between mobile network operators and fintech companies, and how both parties can benefit from each others&#...

Read more | See all Identity Resources

SK Telecom: Integrating Existing Identity Solutions into Mobile Connec In December 2016, SKT adapted both T-Auth and T-ID to comply with the Mobile Connect specifications. The goal was to make it easier for international customers to use SKT’s app...

Read more | See all Identity Resources

Seminar Presentations from Mobile World Congress 2017 Mobile World Congress 2017 hosted three industry seminars on Mobile Connect and the future of digital identity.  You can find out more about each of these subjects by downloadin...

Read more | See all Identity Resources

SIM Toolkit Device Requirements to Improve Mobile Connect Customer Exp This document presents the requirements for the device to improve the user experience of the Mobile Connect SIM applet authenticator. The ETSI (The European Telecommunications St...

Read more | See all Identity Resources

Markets Turn Their Focus to Cross-Border Trade of Digital Services Since the drafting of eIDAS in 2014, there has been a renewed interest from businesses, particularly in Europe, in secure cross-border trade using digital services. Initiatives s...

Read more | Visit Identity Blog

Mobile Connect-eIDAS Pilot Prepares for Secure Cross-Border Trade Marta Ienco, Head of the Government & Regulatory affairs, Personal Data   As we draw closer to the implementation of the eIDAS Regulation in September 2018, both governments...

Read more | Visit Identity Blog

Asia’s Mobile Industry Unites behind Mobile Connect Download presentations from the event Shanghai—A broad array of MNO’s across Asia have underscored their commitment to Mobile Connect after revealing how the identity solutio...

Read more | Visit Identity Blog

GSMA-FIDO Collaboration a Step Towards Secure Authentication The recent collaborative agreement between the GSMA and the FIDO Alliance, the ecosystem for standards-based, interoperable authentication, is a sign that the digital community i...

Read more | Visit Identity Blog

Exploring Asia’s Identity Offerings at Mobile World Congress Shangha Asia is experiencing a rapid transformation of its digital services. According to Mary Meeker’s 2017 Internet Trends Report, mobile has surpassed both desktop computers and TV...

Read more | Visit Identity Blog

Security Experts Warn of More Dangerous Attacks Gautam Hazari, Technical Director, Identity, GSMA We are in a race against time to develop defences capable of dealing with increasingly dangerous cyber threats, security experts...

Read more | Visit Identity Blog

Mobile World Congress Americas September 12, 2017 Mobile Connect will be present at the inaugural Mobile World Congress Americas event which will feature industry seminars and live demonstrations of the identity solution inside ...

Read more | See all Personal Data Events

Mobile Connect Summit – Singapore November 21, 2017 Following April’s successful Mobile Connect Summit in London, we are pleased to confirm that we will soon be hosting another regional Summit – this time in Singapore...

Read more | See all Personal Data Events

Contact GSMA Legal Email Preference Centre Copyright © 2017 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.