The telecommunication sector is undergoing a transformation with the introduction of 5G technology, presenting vast potential and a myriad of opportunities. However, as technology advances, threat actors are becoming more sophisticated, posing a significant challenge for communication service providers (CSPs) in maintaining robust security measures. The Nokia Threat Intelligence Report 2023 sheds light on the trends surrounding 4G and 5G security attacks, malware incidents, Distributed Denial-of-Service (DDoS) attacks, and other telco cyber threats affecting fixed and mobile networks worldwide.
Here are some key findings of the report.
IoT bots account for 60% of attacks on mobile networks
The report revealed that 60% of attacks on telecom mobile networks are associated with Internet of Things (IoT) bots scanning for vulnerable hosts to build their botnets for executing DDoS attacks. This rapid proliferation of IoT bots has become a major concern for CSPs.
Furthermore, more than 30% of CSPs surveyed in a Nokia/GlobalData study said that they experienced eight or more security breaches in the past 12 months, highlighting the growing struggle to cope with the evolving threats.
Additionally, CSPs are grappling with fragmented security tools, making it challenging to effectively deploy security capabilities across various systems and use cases.
Malware attacks
The report found that 35% of the detected malware attacks were due to ad-click bots, crypto-miners, and banking trojans, accounting for 15%, 11%, and 9% respectively. While adware incidents experienced a decline of 25%, crypto-mining attacks remained steady, and banking trojans nearly doubled, rising from 5% in 2021 to 9% in 2023.
Although the residential malware infection rate decreased to 1.5%, it remained above the pre-pandemic level of 1%.
Scanning for potentially vulnerable devices remained the predominant form of malware activity, accounting for 88% of attacks in fixed networks and over 90% in mobile networks. Once a vulnerable device is detected, the malware initiates a sequence of attacks, aiming to exploit the vulnerability with the goal of incorporating the target device into a botnet.
90% of complex DDoS attacks were caused by botnets
The surge in adoption of IoT and cloud technologies within residential and enterprise networks has fuelled the extensive proliferation of botnets. The report highlighted that, on a global scale, between 500,000 and 1,000,000 remotely controlled IoT hosts or cloud server instances are active every day, contributing to over 40% of all Distributed Denial-of-Service (DDoS) traffic.
In 2023, an alarming 90% of complex, multi-vector DDoS attacks were launched using botnets, underscoring the severity of the threat landscape.
How CSPs can ensure 5G security
To safeguard their 5G networks against these emerging threats, CSPs must adopt a comprehensive and proactive security approach that encompasses the following:
- Advanced threat detection and response: Due to the dynamic and complex nature of 5G networks, real-time visibility into network traffic is crucial. The ability to detect and respond to threats promptly is essential in thwarting potential attacks.
- Cyber Threat Intelligence (CTI): Implementing a robust cybersecurity cycle requires the integration of CTI, which plays a vital role in gathering and analyzing relevant information about potential threats, vulnerabilities, and attacker tactics.
- Strong access controls and user management: To protect against supply chain threats, CSPs need to be careful about the companies they work with. They should do a detailed check on their suppliers and vendors to make sure they are trustworthy. It’s also important to have strong security measures in place like multi-factor authentication to prevent unauthorized access and role-based access control to limit user privileges.
- Privileged user monitoring: Regularly reviewing privileged user activity helps detect and prevent unauthorized actions or data exfiltration, ensuring the security of critical systems.
- Regular vulnerability assessments and penetration testing: Conducting regular assessments and testing helps identify and address potential security weaknesses in 5G networks before they can be exploited by attackers.
As 5G technology continues its rapid expansion, the attack surface available to threat actors also grows. CSPs must be proactive in their security efforts, staying ahead of emerging threats to ensure the resilience and integrity of their networks.
Source: Nokia Threat Intelligence Report 2023