Evolve or Die

By Ben Wiechman, Director of IP Strategy and Engineering, Arvig

Being a service provider is a little like being the proverbial canary in the coal mine. We are a target for a full range of attacks, and, through our managed services offerings and the technical support we provide our customers, we also have some measure of visibility into the types of attacks that our customers experience.

Ransomware and phishing attacks will continue to be common, largely due to both their simplicity and their effectiveness. Employee education can help reduce the effectiveness of phishing or spear phishing attacks. However, the simple fact is that many legitimate emails from trusted partners include links or attachments, which can make it difficult to sift legitimate messages from garbage.

Recent attacks on various municipalities and utilities continue to demonstrate the effectiveness of ransomware. Given the evolving trend of cybercriminals leaking some information in order to force payment, additional mitigation is required. For example, ensuring critical data is backed up using a product that allows simple point-in-time recovery is a key measure that all businesses absolutely must have deployed. Having a validated disaster recovery plan or other countermeasures in place as well can help to dramatically improve recovery times. An insurance policy may help recoup costs associated with an effective ransomware attack, but may not be enough to ensure the survival of the business that was the target.

We are also seeing denial of service attacks increase in sophistication and frequency, as well as adoption rates. The marketing arm of the dark web is in full force with discounts, or free trials, for first-time buyers. Especially in some verticals like education, gaming, or testing, this is resulting in more frequent attacks as it becomes simpler to instigate an attack.

For service providers this means that denial of service mitigation services are becoming a core offering. Customers simply cannot accept interruptions in their day-to-day activities, nor is dropping all traffic typically a very viable solution. Attack patterns are also becoming more sophisticated, with intermittent attacks spread over hours becoming more common, all the while often leveraging simple amplification style methods to generate the attack traffic. For consumers, or enterprise customers that rely on their internet connections, these trends reinforce the value of using multiple service providers or an SD-WAN service in order to minimize the impact.

Most concerning is the specific targeting of service providers and the telecommunications industry, such as the MESSAGETAP malware reportedly used by the Chinese group APT41 to target specific text messages for later retrieval. As telecommunications providers, not only are we key providers of critical infrastructure, we also provide service to other companies that provide critical infrastructure in all verticals and all industries, making us tempting targets. This requires that we constantly focus on the basics: employee education, defense in depth, threat modeling, encryption of critical data, and security best practices built into product design, network infrastructure, and development activities. These trends are also driving the adoption of machine learning and data analysis tools to augment human capabilities.

Those service providers that cannot adapt in order to maintain their status as a trusted partner risk a significant loss of trust and customers.
