Connect with us

Feature Articles

Hybrid cyberattacks – A new era of threat

Inside Telecom Staff

Published

on

Hybrid cyber attacks

In the ultimate dystopian novel, George Orwell’s “1984”, there is a chilling sentence towards the end of the book which reads, “The creatures outside looked from pig to man, and from man to pig, and from pig to man again; but already it was impossible to say which was which.” 

The same can now be said for your common cyber-criminal and groups of state hackers. The ability to differentiate between the two is becoming more and more difficult as the two are increasingly impersonating one another in an attempt to cover their tracks and escape detection.

The most recent edition of the “Cyber Threat Intelligence Estimate”, from security solutions integrator Optiv Security of Denver, Colorado, states that cyber-criminals and nation-state owned or sponsored hackers are now learning from each other and improving at what they do, as they implement similar practices, spoof each other’s hacking plans and lay fake tracks to confuse investigators. 

The Optiv report states:

Sometimes threat actors may masquerade as a certain type in order to hide their true agenda. Or, threat actors may belong to two or more classes, switching between them as their priorities change”.

The report finds that many vertical industries are still susceptible to constantly evolving cyber threats.

While businesses and organisations increasingly understand that cyber-security is an imperative asset to their success, this issue is rarely at the top of the corporate agenda despite the fact that just one, brief, effective cyber-incursion could bring an entire business down.  Anthony Diaz, VP and general manager of cyber operations at Optiv says, “Cyber security can be an existential threat for organisations.”

The report discovers that retail, healthcare, government, and financial institutions are among the industries most vulnerable to verticals of cyber security attacks. The attackers also are developing in terms of sophistication as “hybrid threat actors” (those that pretend to be of a different threat classification to conceal their real identities) begin to thrive. 

Old conventional attack methods (botnets, DDoS attacks, malware and phishing remain persistent threats but ransomware and “cryptojacking” are amid the new array of weapons in the hacker’s armories.

The painful fact is that cyberspace is increasing in terms of its hostility, hackers are now more refined than ever and hybrid threat actors are improving at defying detection methods and systems. Consequently, no vertical business is exempt from attack.

The new report recommends several instances of best practice including the employment of multi-factor authentication when possible, and conducting of frequent audits of all vendors and third-party assets, disposing of the ones that aren’t used any more.

The report also recommends that organisations take a proactive stance, rather than a reactive one in their approach to cyber security. When it comes to Cyberspace, shutting the stable door once the horse has bolted is pointless. The deed is done and the money (or the IP) has long gone. It is better and more cost effective to put the defenses up before an attack takes place rather than to try to recover when the assailants have come and gone. In today’s world, it is sadly a case of when, rather than if.

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

Continue Reading
Advertisement

Feature Articles

ENISA: Human error is one of the major causes of security incidents

Ranine Awwad

Published

on

ENISA Human error is one of the major causes of security incidents

Human error means unintentional actions by users that cause, spread, or allow security issues to take place. Security incidents caused by human error have increased by 50% in the past year, according to a new report published by the European Union Agency for Cybersecurity (ENISA) entitled “Telecom Services Security incidents-2019”. The report shows that system failures caused 479 million user hours lost. In addition, the third-party failures- system failures, human errors, natural phenomena, and malicious actions have tripled compared to 2018. Incidents that originated in the third-party were estimated by 31%.

As part of the EU’s telecom regulatory framework, (Article 13a of the Framework directive (2009/140/EC) each year, European countries report significant security incidents to the National Regulatory Authority (NRA). A summary of these incidents will be sent to the European Union Agency for Cybersecurity (ENISA). The report refers to a number of 153 incidents that were submitted by 26 EU Member States. These security breaches resulted in 988 million user hours lost in 2019.

Human errors, hardware failures, power cuts, software updates, cable cut, heavy winds, and policy flaws are the reasons behind major security incidents. The incidents caused by human errors increased from 18% in 2018 to 26% in 2019. Fixed telephony and the internet are the most affected by human errors with 50% and 45% respectively. It has been reported that security incidents caused by human errors have been increasing since 2012.

Moreover, the report states that three high-capacity optical fibers were cut due to road modernization, which caused “mobile internet and telephony and also fixed internet and telephony outages at a national level for three hours. The deployment of the 5G network is expected to bring more security layers. A study by Ericsson revealed that the automation of things and the introduction of Artificial Intelligence would reduce cybersecurity issues.

On the other hand, an analysis of data from the UK Information Commissioner’s Office (ICO) carried out by CybSafe states that human error is the main cause of 90% of cybersecurity breaches. The analysis reported that 9 out of 10 of the 2376 cyber-breaches were caused by end-users, according to the Cybersecurity Intelligence website.

The European Electronic Communications Code (EECC) will come into effect across the EU Member States by the end of 2020. Article 40 of the EECC will give the security incidents reporting requirements a broader scope.

Continue Reading

Feature Articles

Pushing application of AI technologies with open-source platforms

Karim Hussami

Published

on

Pushing application of AI technologies with open-source platforms

In the race for 5G, the convergence of Artificial Intelligence (AI) is widely recognized as an essential component in supporting development across industries.

AI is the capability of a computer or robot controlled by a computer to do tasks that are usually done by humans. The reason why people are encouraged to adopt AI is the low error rate compared to humans, which has incredible precision, accuracy, and speed.

China has decided to launch an artificial intelligence open-source platform (dubbed ‘Dubhe’) for the development and study of AI algorithms, and to create an independent artificial research and industrial ecosystem. This computer software is released under a license in which the copyright holder gives users the rights to use, change, and distribute the software.

An example of this software or platform is Google Chrome which is a browser that serves as the platform for web applications. Most of Chrome’s source code comes from Google’s free and open-source software project Chromium, but Chrome is licensed as proprietary freeware.

Zhu Shiqiang, director of Zhejiang Lab in east China’s Zhejiang Province said: “We hope that we can gather together leading innovative forces in the industry to build a high-performance platform and framework for the development of artificial intelligence algorithms, and establish independent artificial research and industrial ecosystem.”

The lab covers major areas such as intelligent transport, intelligent finance, smart city, intelligent healthcare and robotics.

The size of China’s service robot market will reach 15.84 billion yuan in 2019, according to Analysys Mason research, while spending on robotics for healthcare providers in China was forecasted to reach around 4.9 billion U.S. dollars by 2022, according to Statista.

In addition, the ‘Dubhe’ platform that was jointly developed by Zhejiang Lab, Beijing Oneflow Technology, the China Academy of Information and Communications Technology, Zhejiang University and others, aims to become an industry leader by forging an artificial intelligence cooperation ecosystem.

“I hope that the Dubhe Artificial Intelligence Open Source Platform can push forward the application of AI technologies in different industries,” Pan Yunhe, an academician with the Chinese Academy of Engineering and Chief Scientist in Artificial Intelligence at Zhejiang Lab.

Continue Reading

Feature Articles

Ethio Telecom reports exceptional performance and $1.3 billion in revenue

Ranine Awwad

Published

on

Ethio Telecom reports exceptional performance and $1.3 billion in revenue

Ethiopianauthorities have been looking to liberalize the telecom market managed by Ethio Telecom for two decades. However, as of late, the company has registered significant achievements. Ethio Telecom announced earnings of $1.3 billion in the 2019/20 fiscal year, which ran from July 1, 2019, to June 30 2020.

During a press conference, Ethio Telecom’s Chief Executive Officer Frehiwot Tamiru said: “This is an outstanding performance”, according to the Reporter. She also added that due to the efforts that took place aiming to reduce tariffs and to control illegal telecom operators, the company generated $147.7 million from international services, states the same source. However, due to the pandemic, there was no demand for roaming.

The report states that Ethio Telecom has donated a significant amount to the nationwide effort to curb the spread of the Covid-19 pandemic. “The Ministry of Innovation has requested us $600,000 for the research and I am proud to announce that we have provided them with the first round of payment. I had a discussion with the minister recently and he told me that the research is bearing fruitful results and it is on the final stage, said Frehiwot Tamiru, according to The Reporter.

The Ethiopian government’s strict control over the Internet and mobile services has contributed to the Internet and phone shutdown over the past few years. However, during the pandemic, the company has provided free internet access aiming to secure the online learning experience. Previously, the Internet shutdown had cost the country an arm and a leg.

Ethiopia is the second most-populous African country after Nigeria. Ethio Telecom states that its number of subscribers has reached 46.2 million.

Inside Telecom has already reported on Ethiopia’s plans to liberalize the telecom sector. Two telecom licenses were set to be granted to foreign telecom investors aiming to increase competition. In May 2020, the Ethiopian government invited international telecom operators to buy a 40% stake in Ethio Telecom. On June 26, 2020, The Ethiopian Telecommunications Authority (ETA) announced it has received nine submissions from telecom operators and two from non-telecom operators. Both Safaricom and Vodacom have expressed interest in Africa’s largest telecom market. Reform in the telecom industry is crucial as competition allows Ethiopians to gain access to the best services.

China’s telecom giants Huawei and ZTE have been deploying telecom infrastructure in Ethiopia. China’s involvement in the Ethiopian telecom sector could have a serious impact on the country following US sanctions.

Continue Reading

Trending