On the 19th May, the GSMA hosted the first T-ISAC Annual Summit, an event for GSMA members to explore key cyber security issues and relevant topics of interest to the Telecommunications Industry. The summit covers topics such as how intelligence sharing can proactively protect customers from mobile malware and included guest speakers from the financial services and aviation industries who shared insights on the value of threat-sharing information between industries.
Working under the mantra “one organisation’s detection is another’s prevention”, the GSMA Telecommunication Information Sharing and Analysis Center (T-ISAC) is the central hub of information sharing for the Telecommunication Industry. We believe information sharing is essential for the protection of the mobile ecosystem, and the advancement of cybersecurity in the telecommunication sector. Drawing on the collective knowledge of mobile operators, vendors and security professionals, the T-ISAC collects and disseminates information and advice on security incidents within the mobile community – in a trusted and anonymised way.
Use of T-ISAC to Proactively Protect Customers from Flubot Malware
Flubot (also known as Cabassous and FakeChat) is a blended attack combining smishing and voicemail lures with banking malware injects. It indiscriminately targets mobile users, with the greatest impact on Android devices that have enabled side-loading of apps, but iPhones are not entirely immune. Although Europe has been the primary focus of this highly infectious malware, the campaign moved to Australia and New Zealand in 2021, and incidents have now been seen in all regions of the world.
Nauman Khan, Cyber Security and Analytics Consultant at STC, provided an update on the Flubot malware and the impact that information sharing through T-ISAC has helped STC to proactively protect their customers.
The GSMA has published a T-ISAC Insight Report on Flubot which is available for download by GSMA T-ISAC members.
The Importance of Cross-ISAC Information Sharing
Technology convergence means that more and more services, from across different industries, are vulnerable to the same cybersecurity threats. Teresa Walsh, Global Head of Intelligence at FS-ISAC, joined a collaborative session during the summit to highlight how the threat landscapes from the telecommunication and financial industries overlap and to explain how sharing intelligence and knowledge builds a stronger security stance against cyber threats.
Following on from this session Doug Blough, Vice President from the Aviation-ISAC joined the summit to explain the benefits and best practices for cross-industry sharing. He explained how ISACs should engage with members to encourage active sharing with the goal of building a united community to better defend all industries against cyber threats.
How to get involved in T-ISAC
If you are a GSMA member, you can join T-ISAC by completing the short form and getting involved in our upcoming activities.