SecurityGen, a global provider of security solutions and services for the telecoms industry, has revealed its cybersecurity priorities for telecom operators in 2023. SecurityGen Co-founder and CTO, Dmitry Kurbatov, identifies the main factors shaping the risks and threats that operators must prepare for in the year ahead.
1. 5G-related challenges
- 5G is open for integration – but also to attack
5G is designed from the ground up to be flexible and open for integration. However, the same open architecture can also make 5G vulnerable and exposed to threats and hidden vulnerabilities.
The challenge for operators is to maximise 5G’s advanced functionality and interoperability while also recognising this vulnerability and minimising the threats arising from 5G’s extra openness compared to previous network generations.
- Beware roaming traffic from non-standalone 5G
As operators deploy more 5G networks and more users purchase 5G smartphones, the volume of roaming traffic between 5G networks increases. But the majority of this extra roaming traffic goes through non-standalone 5G networks which still use unsecure legacy technology for their core networks.
Without proper security measures in place, 5G is vulnerable to threats originating from non-5G networks carried in non-5G network traffic – but which are able to damage and disrupt 5G services.
2. Cyberattacks from hostile states and organised crime
Telecom networks are high-value targets for cyberattacks, especially during times of heightened geopolitical tensions. The growing use of mobile – especially 5G – for connecting and remote monitoring of everything amplifies the damage and disruption that an attack on an operator’s network could inflict. Mobile’s importance also makes it a target for organised crime groups to launch financially motivated attacks of their own aimed at operators or their subscribers.
3. Operators as high-value targets for ransomware
The number and frequency of cyberattacks such as ransomware and phishing show no signs of slowing. In 2023, expect the bad actors behind them to become more advanced and more selective in their attacks – including targeting mobile networks as the means to breach telecom operators and access the valuable customer data they hold.
4. New industry regulations on security but operators must do more
National and pan-regional regulators are pushing the telecom industry to comply with new security requirements that address the heightened threat of cyberattack on digital infrastructure and telecom networks as part of it.
Mobile network security is still perceived as an after-thought. Rather than adopt a network-wide, security-by-design approach, many operators continue to rely on inefficient one-off security techniques which leave parts of their networks exposed.
5. Effective cybersecurity also depends on collaboration
- Hinders knowledge sharing
When companies and experts share their knowledge and experience, everyone benefits. But with international cooperation undermined by current geopolitical rivalries and tensions, divisions might open between operators and other telecom industry players, industry regulators and national governments that make it more difficult to cooperate on collective joint efforts for better cybersecurity.
- Cybersecurity skill shortages
The telecoms industry, led by operators, needs to step up and invest in training initiatives to attract new workers and provide them with the requisite skills needed to grow the cybersecurity talent pool.
Against this range of threats, Kurbatov identifies the following steps for operators to strengthen the security and resilience of their 5G networks:
- Make the security of your 5G network as much of a commercial and operational priority as its performance in terms of speed, throughput, and coverage.
- Adopt a defence-in-depth approach based on continual network-wide assessments and monitoring.
- Effective 5G security requires more than just installed software solutions and automated monitoring and testing. Extensive and ongoing training is also essential, so that operator security teams can explore and stay up to date with the latest cyberthreats – and also identify new vulnerabilities.
