Will Latest Cyber Attack Unite the Digital Community?

May 17, 2017

Blog

Although data breaches and cybercrime are increasingly the hallmark of the age we live in, last week’s WannaCry attack has drawn out uniformly strong calls for the wider tech industry to improve security. Affecting more than 150 countries and high profile institutions such as the Russian Interior Ministry, China’s Zhejiang University and the UK’s NHS, WannaCry ransomware has again underscored the cross-sector, global nature of the threat to digital services. The episode also drew attention to the potential vulnerabilities of older software and the difficulty of improving the security of legacy systems.

Preventing threats such as WannaCry depends on industry collaboration. The mobile industry has taken steps to improve security via its new operator-led identity solution, Mobile Connect, which can be used to enhance security through authentication, authorisation and KYC.

Using Mobile Connect to limit exposure to security threats

As the spread of malware often occurs through downloading email attachments, an identity solution such as Mobile Connect can be used to digitally sign documents, thereby increasing the user’s confidence that the content is from a known and trusted source.

Additionally, Mobile Connect’s authentication can also be used provide additional contextual information regarding the signature, e.g. the location.  As email is one of the primary vehicles for the spread the malware, the email client can use Mobile Connect to authenticate the user. As such, even if the service consumption device is compromised, the user needs to be authenticated using the out-of-band mechanism of Mobile Connect.

The inherent security of mobile networks, their global presence and the increasing number of Mobile Connect’s enabled users (currently 3.1bn), makes Mobile Connect especially attractive for global service providers who may need to use secure cross-border authentication.

Acting quickly to secure the IoT

As reported in the Washington Post by security technologist Bruce Schneier, the development of IoT solutions could mean that the next cyber-attack may be more severe than WannaCry. In the not-to-distant future, connected ovens, fridges, automobiles and many other smart machines all potentially pose new threats to our safety, and as such, need to be designed with security in mind.

IoT solutions can be made more secure if the broader ecosystem adopts a common approach. Here, the mobile industry is playing a key role by offering their long experience of network security in the form of the GSMA IoT Security Guidelines.

In Schneier’s view, low-cost devices that do not contain security by design could be particularly vulnerable. The security of low-cost devices can be improved by using connecting them via licensed networks, which are innately more secure and reliable than alternatives.

As has been demonstrated, Mobile Connect has been designed for use with emerging connected devices such as connected vending machines and automobiles. For more information on Mobile Connect, please visit gsma.com/mobileconnect

Back

Turkcell: Taking the next step in Identity with Mobile Connect Turkcell are now leveraging Mobile Connect to actively develop services they believe will be the basis of a new revenue stream. In this case study find out what steps Turkcell ar...

Read more | See all Identity Resources

Mobile Connect live use cases The Mobile Connect live use cases are a list of examples of how the identity solution has been deployed with various services.  Each use case harnesses one or more Mobile Connec...

Read more | See all Identity Resources

Digital Identity: Realising Smart Cities As we look further ahead to the mid-century, intelligent public services will move beyond the mechanical: two decades from now, increasingly complex and sensitive aspects of our ...

Read more | See all Identity Resources

Industry Seminar Presentations from MWC18: Regulations and Attributes   Download presentations from the Mobile World Congress identity seminars Watch on-demand seminar videos from the Mobile World Congress identity seminars Security and Privac...

Read more | See all Identity Resources

Strong Mobile Customer Authentication under PSD2: Comparisons and Cons The new PSD2 regulations will bring about major changes to the digital security landscape. Among the most significant of these will be the requirement to use strong customer auth...

Read more | See all Identity Resources

Mobile Connect for Cross-Border Digital Services: Lessons Learned from The GSMA has released the results of the Mobile Connect and eIDAS implementation pilot. The year-long collaboration brought together several public and private sector organisatio...

Read more | See all Identity Resources

Mobile Connect Helping to Secure Online Commerce in India India’s economy is becoming increasingly mobile-centric. 39 million smartphones were sold on the subcontinent in Q3 2017 alone – up 20% on the previous year – and almost 70...

Read more | Visit Identity Blog

Industry Seminar Presentations from MWC18: Regulations and Attributes   Download presentations from the Mobile World Congress identity seminars Watch on-demand seminar videos from the Mobile World Congress identity seminars Security and Privac...

Read more | Visit Identity Blog

Digital Identity Demonstrates its Crucial Role in Transforming Healthc Across the world, healthcare continues to be one of the biggest sources of public expenditure. As such, there is increasing pressure to find more efficient means of delivery. Dig...

Read more | Visit Identity Blog

Identity Now Key to Statecraft Say Experts One of the chief concerns of those in the identity ecosystem is the formulation of policy befitting for the emerging digital age. With the recent completion of PSD2 and successiv...

Read more | Visit Identity Blog

Mobile Network Operators to Provide Key Piece in Identity Puzzle As digital services grow in number and sophistication, consumers have whetted their appetite for those which provide unrivalled everyday convenience. As businesses harness the va...

Read more | Visit Identity Blog

CAPS Report on Authentication and Mobile Payments to aid Implementatio With PSD2’s Regulatory Technical Standards now published, the broader financial ecosystem is moving closer towards full-scale implementation of the EU’s revised payment servi...

Read more | Visit Identity Blog

Mobile Connect at Mobile World Congress Shanghai 2018 June 27, 2018 The GSMA’s Identity team will be present at this year’s Mobile World Congress Shanghai 2018, where Mobile Connect, the mobile industry’s identity service, will be showcased...

Read more | See all Identity Events

Identity Innovation Labs June 28, 2018 Location: Feng room, 2nd floor, Jumeirah Himalayas Hotel Shanghai, No. 1108 Mei Hua Road, Pudong New District, Shanghai 201204 The Identity Innovation Labs are a set of three sta...

Read more | See all Identity Events

Contact GSMA Legal Email Preference Centre Copyright © 2018 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.