• Past Issues
• News Center
• Research Center
  • View Research Center
  • Upload Assets
• Webinars
  • View On-Demand Webinars
  • Order Webinars
• Events
  • ICTXS Europe
  • Industry Event Partnerships
• Sponsors
• Members
  • Membership Directory
  • Become a Member
  • Members Portal

• Data Center Security
• Network Security Gets Political
• IT Security from Down Under
• Averting Telecom Scams
• M2M Security
• Next Generation Firewalls
• Next Gen 9-1-1
• Nightmare Network Threats
• Security-as-a-Service
• The Unwalled Garden
• Communications IT News
• Letter from the Editor
• Article Index

• Past Issues
• News Center
• Research Center
• Webinars
• Events
• Sponsors
• Subscribe
• Marketing Opportunities
• Advertising Placements
• Editorial Opportunities
• Pipeline Memberships

Nightmare Network Threats

ORDER REPRINTS DOWNLOAD COMMENT DISCUSS SHARE

• 1
• 2
• 3

CTIA CEO Steve Largent warned in October at MobileCON that there is widespread concern about mobile security among IT professionals.

Application-level attacks

Distributed denial-of-service, SQL injection, cross-site scripting attacks, and other threats are increasingly targeting the application layer rather than the network layer, Pao says. “The telecom provider’s own Web presence should be insulated from application-level attacks that can steal sensitive data. Moreover, all of these attacks are automated through the same botnets that used to be directed at spam proliferation.” 

Network administrators of all stripes should look toward implementing beefier security to deal with these emerging threats, he adds, including application firewalls to protect online apps and advanced email and Web security to protect against social-media attacks. 

Fraud

According to a Communications Fraud Control Association (CFCA) estimate of global telecom fraud, losses in 2011 totaled $40.1 billion, down 33 percent from the CFCA’s 2008 survey, and equivalent to 2003 numbers. (Telecom fraud losses account for approximately 1.88 percent of revenues, a 1.66 percent decrease from 2008.) But the reason for the drop isn’t because more fraud is being detected and stopped — it’s that global revenue growth outpaced fraud losses. In fact 89 percent of operators surveyed said fraud losses had increased or stayed the same within their companies, a 13 percent increase from 2008. 

The top five fraud-loss categories reported by operators were:

• Compromised PBX/voicemail systems ($4.96 billion)

• Subscription/identity theft ($4.32 billion)

• International revenue-share fraud ($3.84 billion)

• Bypass fraud ($2.88 billion)

• Credit card fraud ($2.40 billion)

 

Although service providers are focused on creating value-added services, as device uptake reaches saturation it’s going to become more imperative to mitigate fraud losses. 

Protecting a network these days is more complicated and high stakes than it’s ever been. While it used to be standard for service providers to leave security up to the individual customer, more than ever the burden is on the shoulders of the provider. 

A recent report from TCS’s Niche Technology Delivery Group (NTDG) suggests that companies use rigorous risk assessment, reassessment and testing to constantly monitor the latest threats and their networks’ potential vulnerability to those threats. It goes on to recommend a “Defense in Depth” approach to security, with protections in place to ensure that if one layer of the network is breached the others remain secure. 

“Charity begins at home,” says Stephen Pao. “The CTO of the network should first ensure that his/her own internal networks and customer-facing Internet presence are secure. While news of breaches or denial-of-service attacks hit ordinary victims every day, the telecom provider is held to a higher standard.”

• 1
• 2
• 3

FEATURED SPONSOR:

Latest Updates

Follow @PipelineWire