Security threat looms

By Krishna Mukherjee

The evolution in the telecom sector has led to high speed internet and more data-centric customers. Consequence of these needs has increased security risks such as malwares and DDoS, among others.

According to a report by Arbor networks, DDoS attacks against mobile networks in India more than doubled with nearly a quarter of the respondents, offering mobile services, in the survey indicating that they noticed DDoS attacks affecting their mobile Internet (Gi) infrastructure, doubling the proportion over the previous year.

And now, the onus for providing secure channels falls on the operators with most of the customers considering security to be the operator’s responsibility. Enterprises also look for secure channels for virtual collaboration, and in such a scenario, end users and businesses believe that operators will protect them from security risks.

According to Ajay Dubey, manager, South India, Websense: “When it comes to mobile operators the most critical piece is CDR (call detail records) which needs to be protected by mobile operators. CDR is a great deal of information for everybody.”

The concern is not just that a security lapse may harm customers and enterprises, but as pointed out by a PWC survey, a successful cyber attack on a telecommunications operator could disrupt service for thousands of phone customers, sever Internet service for millions of consumers, cripple businesses, and shut down government operations.

The transition to data-centric, fully IP-based networks means that operators can expect more threats and security breaches on their infrastructure as they are deeply connected to other networks.

“An IP network opens the door for intruders, hackers and other malicious traffic generators. The growing number of 3G/4G mobile devices and the data volume they generate, the all-IP nature of LTE and the always-connected user mentality opens the CSP’s mobile network to a growing number of threats,” says Michael Joseph, manager system engineering for India and SAARC region at Fortinet.

3G, 4G LTE-More Prone to Threats?

As telecom companies resort to 3G, 4G LTE networks there is an increasing need to protect their firewalls. Sajan Paul – director, systems engineering, India and SAARC, Juniper Networks, explains: “If you are a 3G or 4G service provider, you would require additional security layers as 2G access speed is very low and if you have to launch an attack on service provider networks using a 2G bandwidth, it is very unlikely.

The 4G LTE trend is about to pick up pace and with revenues on data growing, most of the security threats come from data-centric information.

Echoing similar views, Amit Marwah, head of technology, Nokia Networks, says, “With new wireless technologies like LTE/LTE-A coming in, operators are looking for an end-to-end, cost-effective 3GPPcompliant security solution to protect their customers to the same high levels as in 2G and 3G networks.”

Adopting a 3GPP-compliant solution has important advantages for operators and help provide the scale, that is not available with proprietary security solutions. “Operators are looking for solutions to secure data between the base station and the core network with IP security (IPSec),” says Marwah.

George Chacko, systems engineer manager and lead technical consultant, Brocade, which provides networking products to data centers, believes having a robust firewall is need of the hour for telcos.

The telecom arm of Reliance Industries, Reliance Jio, aims to start its fourth-generation (4G) telecommunications services in 2015. Besides, country’s top operator Bharti Airtel is rolling out 4G services in four telecom services areas of Kolkata, Maharashtra, Punjab and Karnataka and plans to expand it 4G base.

The Security Priority

Most telcos have a complex network, which comprises heterogeneous network elements coming from different vendors; many of these remain known proprietary applications / solutions and include components like operating systems, protocols, hardware, software applications etc. Hackers target such things and look for unknown or latent vulnerabilities to find the backdoor in operator network.

Pravin Srinivasan, lead, security sales, Cisco India and SAARC, says, “The kinds of threats have drastically changed because of the new operating system, ioS, etc. The traditional worm, Trojan horses, viruses are still there but what we are seeing a lot more is the industrialization of hacking where people are building malwares with the purpose to steal the information, not to bring down the device. These types of threats are actually very difficult to figure out because they come in as harmless files sometimes and then they take character of the device and when they execute their idea is to steal the information.”

Maintaining network security and operational efficiency in today’s distributed networks demands technology that takes a more holistic approach to network security, adds Srinivasan.

According to networking solutions provider Ciena, “At a basic level is physical threat to the network, where intrusion into unsecured network facility can compromise the network. More sophisticated threats can come from network hackers who might launch Denial-of-Service attacks, or attacks against known insecurities in the network. Lately, threats can come in the form of compromised applications or malware installed on smart-devices and web or email access based security threats such as Phishing and ransomware.”

In this present scenario, it is high time when operators should gear up to protect their networks. They tend to rely on managed security expertise and invest in security solutions that provide reliable defence against unauthorized access, zero-day attacks, malware infiltration, spamming and other threats.

In addition, to streamlining operations, many operators are also looking at cloud and virtualization. “Many operators and telcos have plans to shift security, QoS, VPN and other services into virtual environments. Hence, security that is capable to deliver secure virtualization is also becoming a priority,” says Sunil Sharma, VP sales and operations, India and SAARC, Cyberoam.

Harmonization Challenges

Experts believe that the key challenge in deploying security solutions is understanding the needs and ensuring that telecom operator infrastructure being critical infrastructure, security solutions should integrate with other networking devices and solutions.

A security solution providing API integration and tested against industry standards becomes critical. Meanwhile, budget always remains a challenge, both capital expense costs of solutions that provide adequate security, as well as operational expense costs in managing these solutions.

However, according to Marwah, the biggest challenge today is need of globally harmonized testing and certification methodologies. Compliance to 3GPP security standards is mandatory in some countries but security testing is also an important area to be looked into. He says, “It is advisable to rely on internationally recognized and harmonized standards and/or proven industry best-practices for selecting evaluation requirements for a particular network product/service or class of such. Test case needs to be developed against 3GPP standards for security and 3GPP security standards testing must be conducted on these products/equipment.”