I mentioned in my first blog how some countries have adopted various themes to mark Cybersecurity Awareness Month. The Australian theme ‘cybersecurity is everyone’s business’ underlines the shared responsibility that each stakeholder in the mobile ecosystem has in building a resilient and secure environment. This includes training employees, educating customers, incorporating secure-by-design principles into products and services, and managing the physical infrastructure and network operations in a robust way.
Cyberattacks are increasing in scope and scale across the world. ENISA’s Threat Landscape report points to a notable escalation in cyberattacks across the EU member states throughout the latter part of 2023 and the first half of 2024, both in the number and variety of incidents. Threats against availability, or DDoS (Distributed Denial of Service), and ransomware were the most reported forms, accounting for more than half of the events. According to Nokia’s Threat Intelligence Report, cyberattacks are increasingly aimed at countries with substantial global influence and economic power, particularly those at the forefront of technological advancements.
So, what is causing this rise in cyberattacks?
Primarily, a complex and evolving cybersecurity threat landscape shaped by many factors, including the rapid pace of digitisation and increased usage of mobile devices, the sophistication of attacks, geopolitical tensions and supply chain vulnerabilities. Not to mention the human element and the global cyber skills shortage (according to the World Economic Forum, some four million professionals are needed to fill the talent gap in the global cybersecurity industry). From the mobile ecosystem perspective, the GSMA’s Mobile Telecommunications Security Landscape report provides a comprehensive view of the ongoing threats facing mobile operators, with examples of attacks that impacted operators last year. Figure 1, taken from the report, summarises the security vulnerabilities and threats.
This month’s GSMA Mobile Telecom Security Landscape blog discusses the importance of knowing the total number of possible entry points and vulnerabilities that could be exploited by a bad actor. These essentially fall under the usual categories: systems (development and operational), equipment, people and processes, and the services used to operate, design and maintain a network.
What are operators doing to mitigate the risk of cyberattack?
As providers of critical national infrastructure, they have obligations to maintain a secure network, protect their customers and safeguard the data they hold in their systems. They are bound by various laws and regulations, licence conditions and codes of practice, and are held to account by the relevant governing authorities. Extensive technical and operational measures, such as incorporating new features and enhancing existing security capabilities, are employed to prevent unauthorised access.
However, technology alone is not a sufficient response to the myriad of threats and challenges. Given that people are unknowingly used, through various tactics, to divulge sensitive information or perform actions that lead to cyberattacks, the mobile industry works hard to ensure that its employees receive ongoing training on cybersecurity awareness, including how to identify and report suspicious activity. The GSMA supports its industry members in advancing security policy by providing expertise, holding dedicated security events, and through working groups such as the GSMA Fraud and Security Working Group.
How can governments support industry?
They have an important role to play in creating an enabling environment that attracts investment and fosters innovation. A “whole of government” approach and coordination across sectors are key when developing policies, laws and frameworks to ensure consistency in application (mobile operators can often be faced with conflicting or overlapping requirements within their national laws, such as cybersecurity, data protection and even obligations within their telecoms operating licences). As cyberattacks can originate from anywhere in the world, sharing intelligence on risks and threats, as well as incident handling across borders, is key. Examples of established international frameworks are the Budapest Convention on Cybercrime, the Association of Southeast Asian Nations (ASEAN) Framework and the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention). Capacity building can support knowledge-sharing both within and across countries, as those with more advanced capabilities can support developing nations in strengthening their cybersecurity resilience.
Infrastructure security is one of the areas discussed in the GSMA report ‘Safety, privacy and security across the mobile ecosystem’, which highlights the issues, the initiatives to address them and what further actions may be needed by industry and policymakers.