IT Security and the Threat You Cannot See

Posted Sep 2017

IT network security is fast becoming one of the biggest challenges facing businesses globally. Data breaches, ransomware and DDoS attacks seem to crop up in the news virtually every day.

It was hard to overlook the irony this month when Equifax – a company that includes identity-theft and data protection in its portfolio of services – admitted that a cyber data breach had possibly affected 143 million of its consumer customers.

The IT managers, CSOs and CIOs within companies that manage to maintain their cyber protection and avoid any data-breaches should be company rock stars – instead they will remain largely invisible until someone or something gets through when they will become instant villains. Especially as most cyber security analysts and commentators now agree that for every global company the situation has reached “when” you get attacked rather than “if” it happens.

The days when networks where only accessed by wired desktop computers are long gone – laptops, tablets and mobile phones connecting over wifi or the mobile network represent a significant portion of traffic and a potential weak point in terms of security.

In fact, those operators that are using our mobile signalling firewall can see that we are constantly blocking threats to their business and consumer customers. Every day our firewalls block around one million fraudulent messages, or around ten every second.

For the cyber security managers in global companies, those might be reassuring numbers. As long, that is, as their mobile service provider is one of the networks we are protecting. If not, then that threat still exists and the mobile phone is probably the weakest link in your cyber security system – especially if you rely on two factor authentication via SMS.

That’s because a very common threat – one that we block every day - is an unauthorised divert that would allow someone else to receive your messages or calls. Someone else that could therefore authorise a banking transaction or effectively authenticate themselves on your business network.

It’s also not just messages. The mobile network’s SS7 signalling system can be used to monitor or intercept voice calls – listening to and learning the details of your network access or impersonating staff to enable internal fraud or access to data.

It’s arguable that the biggest threat to an organisation’s cyber security is the one they can’t see. And until every mobile network operator in the world has a high-grade signalling firewall, even a rock-star of a cyber security manager will struggle to prevent that access.