Serdar Vural

Product Manager at Canonical

Mobile Magazine speaks with Serdar Vural, Product Manager at Canonical, about telco cybersecurity during a time of mass digital growth within the industry

While the telco industry is experiencing huge digital growth, threats to cybersecurity continue to proliferate. With the continued impact of cyberattacks on telcos, Mobile Magazine’s Amber Jackson speaks with Serdar Vural, Product Manager at Canonical, about how businesses can better protect themselves.

Prior to his work at Canonical, Vural worked on several projects, including software development for software-defined networking tailored for 5G networks. He also works to integrate Internet of Things (IoT) devices with 5G networks, having created a mobile app based on open-source software at the University of Surrey in the UK, where he was a systems architect and research fellow. He has also published several papers on improving performance in mobile networks. 

What sparked your interest in telecommunications and cybersecurity?

The technology behind mobile networks is fascinating — it’s one of the most complex and most widely used software today. It is also tightly integrated with our daily lives, even though we rarely think about how challenging it is to bring mobile services to people at any time and anywhere. 

I started with general computer networking early in my career, with a particular focus on wireless ad hoc and sensor networks when I was a PhD student at the Ohio State University. Those topics were very popular at the time, and they were foundational for building a new technology area which is what we call IoT today. 

My career transition to mobile networking really happened when IoT needed to be integrated into 5G — that’s when I started looking into 5G networks and mobile networking in general. Telecommunications has always been there for me in different forms, and the more I worked on the subject the more I realised how important it is to safeguard telecom systems. 

Having worked on some projects on bringing security to 5G networks made it clear to me that securing these systems is challenging and requires highly effective solutions that should not be just add-ons, but must be essential parts of the core of any system where telecommunications software runs, from design to deployment.

How do you feel telecom infrastructure underpins modern digital life? 

In today’s world, telco networks are critical to the way every organisation works and underpin essential public services from transport to health. When there’s an outage, it can have disastrous effects — everything from affecting medical equipment to paralysing transport networks to leaking sensitive information. 

The amount of data held on telecom systems is enormous; there is sensitive data on just about everyone on Earth, and any outage or data breach can have effects felt at the national scale, affecting millions.

What is the state of the telecommunications industry when it comes to cybersecurity?

Telco is among the most-targeted sectors globally for cybercriminals, and it’s not hard to see why. 

Sensitive user information is carried at a massive scale on telecom networks, and that naturally makes them an attractive target for malicious actors. The increasing use of mobile devices for multi-factor authentication, across a wide variety of applications, makes telecom networks an even more tempting target. 

The form these attacks take varies from attempts to disrupt or downgrade services, such as by using Distributed Denial of Service (DDoS) attacks, or attempts to breach private or sensitive data. Protecting against these threats is hugely important in the sector and will only become more so.

Are attacks increasing in frequency and becoming more sophisticated?

There’s definitely an upward trend in the number of cyber attacks, doubling between 2021 and 2022. The number of DDoS attacks also more than doubled in that same period, according to a report by the European Union Agency for Cybersecurity (ENISA).

Attacks on Domain Name System (DNS) services are becoming very common and are now the most attacked part of telecom networks, according to EfficientIP. Many such attacks come from low-level criminals, but as telcos can be a gateway into many different businesses, there’s also an increasing number of sophisticated attackers at work.

How have these cyberattacks affected the telecommunications industry?

There’s a growing awareness of just how inseparable telecoms are from the public services the world relies on every day. Governments now quite rightly consider telecoms networks as critical national infrastructure. 

In turn, this has led to increasingly tough rules and regulations for operators and service providers, with the UK bringing in the Electronic Communications (Security Measures) Regulations and Telecommunications Security Code of Practice in September 2022. The regulations being adopted in different nations include stringent data protection laws to protect consumer identity and data, and requirements to secure both infrastructure and software — sparking a wave of investment in security solutions across the sector.

A wave of recent data breaches at US telecoms organisations has seen more than 74 million private records of customers at organisations including Verizon, AT&T, T-Mobile and US Cellular leak onto the dark web. The scale of these attacks highlights the size of the risks facing the sector and the responsibility companies in the telco space have to take security seriously.

In many of these cases, the breaches have occurred thanks to security weaknesses in third-party vendors and managed service providers (MSPs). This has highlighted the complex security challenges facing companies in the telco space, and the need to invest proactively in security.

When it comes to telecom infrastructure, how could an outage have major consequences?

The advent of 5G and technologies such as IoT devices has meant that telecom infrastructure is woven into the lives of people and nations in a way that was never the case before. 

With the global shift towards hybrid working, telecom infrastructure underpins the working lives of just about every organisation and is crucial to the public services we rely on every day. Major outages can bring work to a halt across organisations and can have effects at the national level on key public services including transport.

This explains why governments worldwide are beginning to treat telco security very seriously indeed.

What are some of the key vulnerabilities and risks currently facing the telecom industry?

The arrival of 5G has offered telcos the chance to deliver a huge variety of new services but the downside of this is new ways for attackers to strike. Because 5G supports connectivity from many different kinds of devices — such as security cameras, smart home hubs and the like — it vastly increases the attack surface for telecoms organisations, with more devices and networks connected to telecom infrastructure than ever before. Virtualisation poses another new threat. 

Telecom infrastructure is increasingly turning to virtualisation so that mobile networking software is run as virtual software instances, with benefits including flexibility, cost reduction and energy efficiency. But the negative side to this is a broader attack surface: telecom operators have to safeguard not just infrastructure software but also the running instances. 

What measures can telecom companies take to enhance their cybersecurity in the face of increasing threats?

Operators need automated, scalable and trusted solutions to protect their vital infrastructure. As telecoms standards evolve, so too have attack surfaces, meaning that infrastructure and running workloads are at risk. 

The adoption of open source helps here, providing much-needed transparency, which naturally adds security. But telecom operators also need to comply with security standards, and adopt scalable, automated systems which can ensure that the ever-growing volume of software used by telcos has no vulnerabilities. 

It’s also crucial to adopt the various frameworks developed by national bodies so that telecom operators can be sure their systems are equipped with the latest security features and cryptographic measures.

How can automated vulnerability management and OS hardening strengthen cyber defence within the industry?

Today’s software landscape has grown extremely complex, with solutions often having overlapping and conflicting constraints. That means that robust automated security systems with standardised mechanisms are helpful. 

Automation is particularly important in the case of operating system (OS) hardening. Otherwise, hardening and auditing the OS for every deployment is not only extremely tedious, but also prone to errors due to the large number of steps in the process. Operators need the ability to harden and audit in an automated way. 

Automation is also vital when it comes to vulnerability management, removing repetitive steps which tend to introduce human error. It’s tricky to fix all vulnerabilities manually due to the huge ecosystem of software sources. Virtual applications may have common vulnerability exposures (CVEs) and dealing with these manually is long-winded and difficult: assigning the task of fixing vulnerabilities to people is simply not scalable.

What do you think the future of cybersecurity needs to look like to ensure telco security?

Going forward, telecoms will be central to emerging technologies such as smart cities and autonomous vehicles and the complexity of networks and software ecosystems is only going to continue growing. Attackers will also grow more sophisticated. 

Thankfully, global governments have woken up to the critical nature of telecommunications networks in today’s society and are taking steps to work together to strengthen security in the face of burgeoning risks. 

The arrival of a global organisation — Global Coalition on Telecommunications (GCOT) — is helping nations such as the UK and the US to work together on improving security in telecoms networks.


Mobile Magazine is a BizClik brand
