Can the Global Telco Cyber Security Alliance deliver on its hype?

AT&T has joined Singtel, Softbank and other global majors in cyber pact, but how successful can it really be?

AT&T, the world's largest telecommunications company, has just joined the Global Telco Cyber Security Alliance, whose members already included Softbank, Singtel, Etisalat and Telefónica. The Alliance's security resources are impressive. But can it become more than a marketing strategy?

Here's some security news from the past year, selected from the "Significant Cyber Incidents" timeline published by the Center for Strategic and International Studies in Washington DC.

  • In May 2018, within 24 hours of President Trump's announcement that the US would withdraw from the Iran nuclear agreement, security firms reported increases in hacking activity including the sending of malware to global telecommunication companies.
  • Just weeks later in June 2018, Far Eastern hackers were found to be engaged in a cyber espionage campaign to collect data from satellite and telecoms companies in the US and Southeast Asia.
  • Barely a month after this, in July 2018, security researchers reported that an advanced hacking group, probably state-backed, had been active since early 2017 targeting telecommunications operations in the Middle East.
  • In October 2018, an ex-military security contractor reported that hidden surveillance equipment had been discovered in the networking hardware of an unnamed major US telecommunications company. The mysterious surveillance gear had not been installed by the US government and was presumed to have been inserted in the hardware at some point during its overseas manufacture or supply chain.
  • In December 2018, security experts reported that a hacking group, believed to be sponsored by an unidentified nation, had targeted telecommunications companies across Pakistan, Russia, Saudi Arabia, Turkey, and North America.
  • Later that month the United States, in coordination with its "Five Eyes" allies Australia, Canada, the UK, and New Zealand, accused China of conducting a 12-year campaign of cyber espionage targeting the intellectual property and trade secrets of companies, including telcos, across 12 countries.
  • In January 2019 a multi-year, global DNS hijacking campaign targeting telecommunications and internet infrastructure providers in the Middle East, Europe, and North America was exposed. The same month, it was revealed that hackers have been targeting the telecoms industry since at least 2014 in an attempt to surveil and collect the personal information of individuals in the Middle East, US, Europe, and Australia.

This is only a selection. These were only a few of the many serious, advanced cyber attacks against telecommunications firms that have occurred over the past year and been revealed publicly. Many more have not been publicised, and many more still, it is all but certain, have not even been detected.


Targeting the network to control the battlefield

Telecommunications firms are so very often the target for network-based attacks because they are, in fact, the network: the internet itself is merely a network of interlinked telco networks. In network warfare, telcos are often the battleground itself.

To continue reading this article register now