Securing All the Connections for Real End-to-End ProtectionPosted May 2018
For some time, much of the focus on data protection and security has centred on the users and the device itself. Does the device have good anti-virus protection, does its software identify and block harmful e-mails containing “dodgy” links, and does the user follow good habits when it comes to password choice and protection?
The network itself wasn’t particularly identified as the threat - it might carry some harmful traffic but it wasn’t a threat itself.
What this ignores is the known weakness with the security of SS7 signalling within the mobile network, which means that – no matter how strong your end point security – fraudsters and hackers can still use SS7 to track, locate, divert or simply snoop on your activity. With an SS7-based attack, the end point device is not asked to approve call diversions, for example.
It therefore becomes obvious that network and device security need to go hand in hand. Protecting the devices will be of limited use if the network itself is breached. In fact, full protection needs to go even further. Full protection requires the network to be secure, the devices to be secure, and the network interconnect to be secure.
Our survey in Germany and the UK last year showed that consumers are becoming more aware of the need to secure the network. They are wise to email scams and phishing attacks, but quite rightly expect their operator to protect them from unseen dangers.
Part of the reason for the changing attitude is that consumer awareness of cyber security has increased and the end point, i.e. the handset, is no longer seen as the frontline of the defence. Today, it is being increasingly recognised that the network itself needs to be protected. What’s more, consumers expect their providers to respond to the threat.
There’s also little doubt that the mobile operators are alive to the need. Just last month a group of the biggest operators formed cyber security alliance, and according to research house Mobile Squared, the number of operators deploying SS7 firewalls will more than double this year.
This also mirrors what we are seeing – in fact during the course of this year we expect the number of consumer devices we are protecting through network-based SS7 firewalls to more than triple and rise into the hundreds of millions.
At Evolved Intelligence, our focus has always been on the network and the interconnect. Protection at that layer serves to protect the device as well.
In the coming years, the arrival of 5G networks and the growth of the Internet of Things will see many, many more devices granted network interconnection. Ensuring that interconnection layer has much greater levels of security – especially given the sensitivity of some of the devices and applications being developed – is now rightly the subject of a great deal of attention.
We’re proud to be involved in that work, because it is vitally important that the rush to launch services doesn’t see the mobile industry repeat the security errors of earlier generations of network technology. Full end-to-end protection of devices, consumers and data can only be delivered if you protect the network, the device and all the interconnections between.