
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/301649544

Security Challenges to Telecommunication Networks: An Overview of Threats and Preventive Strategies

Conference Paper · November 2015


DOI: 10.1109/CYBER-Abuja


All content following this page was uploaded by Cosy Agubor on 26 April 2016.



2015 INTERNATIONAL CONFERENCE ON CYBERSPACE GOVERNANCE - CYBERABUJA2015 NOVEMBER 4 - 7, 2015

Security Challenges to Telecommunication Networks: An Overview of Threats and Preventive Strategies
Agubor C. K., Chukwudebe G. A. and Nosiri, O. C.
Department of Electrical and Electronic Engineering
Federal University of Technology
Owerri, Nigeria.
aguborcosy@yahoo.com

Abstract - Security challenges to telecommunication networks have been a matter of concern to the international community within the last two decades. Telecommunication infrastructure that provides the necessary backbone for information exchange such as voice, video, data, and Internet connectivity has been found to be particularly vulnerable to various forms of attacks. Some of these attacks could lead to denial of service, loss of integrity and confidentiality of network services. Protecting these networks from attacks is thus an important aspect that cannot be ignored. This paper highlights some of the important security challenges to current telecommunication networks and recommends countermeasures that can be implemented to mitigate not only infrastructural insecurity but also the risk from cyber-attacks. One of these is security by default, which aims at designing systems that can repair themselves when breaches are detected.

Keywords – cybersecurity; cyberattack; hacking; telecommunication infrastructure; cybercrime.

I. INTRODUCTION

Telecommunication networks worldwide are a mix of both circuit- and packet-based technology. The Public Switched Telephone Network (PSTN) makes use of circuit-switched technology and is rapidly being replaced by mobile wireless network technology. The wireless network technology is a packet-based switching technology.

PSTN infrastructure is made up of digital switches, cables such as coaxial, surface and submarine optic fibre cables for long distance transmission, terrestrial microwave and communication satellite links. This technology was primarily developed as a network for voice signals. The major limitation of this network driven by circuit-switched technology was its inability to handle the ever growing demand for video and data services. The availability of technologies like digital subscriber line (DSL), Integrated Service Digital Network (ISDN) and dial-up service for Internet connectivity did not provide the expected solution.

The solution to the high demand for video and data services was provided by the advent of wireless mobile technologies. As a technology driven by packet-based switching, it provided the type of network suitable for triple-play communications (i.e. voice, data and video) [1]. This technology, unlike circuit-switched technology, is suitable for the transmission of voice, data and video information.

Wireless mobile technology evolved from 2G for voice and short message services (SMS) to 3G systems with General Packet Radio Service (GPRS), Enhanced Data rates for Global Evolution (EDGE) and High Speed Packet Access (HSPA), designed for larger volumes of data transmission, and now to 4G. The 3G and 4G networks are based on the Internet Protocol (IP) and are expected to reshape the current structure of the telecommunication system [2].

Telecommunication networks from a global point of view present a convergence of several technologies – PSTN, 2G, 3G and 4G with vital network components. These components are Access network, Core network, Application and Management Network, Internal and External Networks [3].

The interconnection interface due to this convergence of different technologies exposes the entire network to intruders and increases the potential for attacks caused by viruses, worms such as Code-Red and Sasser, and malicious software [4]. Such attacks may be from either internal or external sources. In such cases any part of the telecommunication network is vulnerable, including the radio path of the access and core networks.

Attacks on one telecommunication operator’s network could also spread to multiple networks over the interconnection interfaces [3]. This highlights the possibility of intruders gaining access to their targets irrespective of the geographical location of the remote terminal.


In view of the increasing rate of attacks and the impact on the economy whenever they occur, a review of the prevalent attacks and recommended mitigations for developing countries is presented in this paper.

II. CLASSIFICATION OF ATTACKS

Attacks related to telecommunication infrastructure may be carried out by various attackers with malicious intent and without any good reason for carrying out such attacks. In some cases their actions may be driven by the desire to cause total communication failure or generate illegal profits. Attacks or threats on telecommunication infrastructure can be classified as shown in Fig. 1.

[Figure: tree diagram. "Telecoms Threats/Attacks" branches into Terror Attacks, Technological Threats, Criminal Attacks and General Threats.]

Fig. 1. Classification of threats/attacks on Telecoms assets.

A. Terror Attacks

Attacks capable of causing serious disruption of network services can be of any form. One form is as a result of military conflicts. Certain military conflicts lead to the physical destruction of telecommunication installations, and this is done as a deliberate military strategy, especially by terrorists. This is true in regions that have experienced or are still experiencing one form of military conflict or the other.

In [5], Nigeria, India, Iraq, Syria, Nepal and Colombia were mentioned as countries that have experienced telecommunication infrastructural destruction due to insurgency or military conflicts. For example, in 2012 alone, Boko Haram (a terror group) in Nigeria destroyed or damaged about 530 base stations and killed staff, causing an estimated $132.5 million in damage. Such funds could have been used to further develop or expand telecommunication networks in Africa’s largest economy.

In Afghanistan between 2001 and 2013, at least 300 telecommunication towers were destroyed by the Taliban [5]. In both cases, transmission towers and outdoor equipment were targeted and destroyed. The decision by terrorists to target infrastructure is probably based on the extent to which they perceive the telecommunication operators as undermining their security through call tracing to the benefit of government forces. Also, Maoists, a terror group in India, have forced mobile service providers to avoid setting up new base stations in remote areas as a result of several attacks in recent years on telecommunication towers. This has put most parts of the affected areas into a ‘zero-network’.

In Syria and Iraq, telecommunication towers and other outdoor equipment have been regularly targeted by insurgents. In Nepal, during the ten-year civil war (1999 - 2009), hundreds of towers and outdoor equipment were attacked and destroyed by Maoists. FARC rebels, another terror group in Colombia, have an extended history of destroying telecommunication towers with explosives.

It is a deliberate military strategy for rebel or terrorist groups to target and destroy telecoms assets. The main objective of such physical destruction is often associated with the assets' potential role in assisting states in tracking terrorist planning and movement [5].

B. Technological Threats

Apart from physical attacks leading to the destruction of assets, technological threats can be seen as another form of telecommunication threats. This involves threats ensuing from the technologies themselves. Such threats are mainly associated with the corporate clientele of telecommunication companies.

In some cases the threat or attack may lead to large financial losses. An example is a long non-disconnected call. Such a threat is associated with private branch exchanges used by various companies and organizations. In this case what can happen is that a subjectively terminated call may not be properly disconnected by the private branch exchange, or may still be on hold without the consent or knowledge of the participant [6]. Such a call, because it is not terminated, may actually remain “connected” for a number of days. In the event of an international call this could result in a major loss of revenue.

C. Criminal Attacks

This is another form of attack that involves the use of various technological means for malicious intent. In this case the activities of the players cover the use of various manipulative means to carry out traditional frauds. These types of attacks present a risk for both the telecommunication companies and their customers. Criminal attacks can be classified as shown in Fig. 2.


[Figure: tree diagram. "Criminal Attacks" branches into "Telecommunication cable splicing, PABX hacking, etc." and "Computer Related Attacks".]

Fig. 2. Classification of criminal attacks.

Splicing into telecommunication cabling is an act of gaining unauthorized access to the telecommunication network. The main purpose of such action is to make illegal connections. This is a problem encountered in regions where PSTN with fixed line network is still operational. Characteristically, a fixed line network contains hundreds of kilometres of copper cabling linking the telephone exchanges with the subscribers. This makes it extremely costly and almost physically impossible to reliably and efficiently secure these cables from unwanted and unauthorized interference.

Due to its vulnerability to abuse, criminals mechanically splice into the cabling and are then able to connect and make calls free of charge, resulting in high billing of a customer whose line was illegally and unfortunately used. Public phones, where available, are frequent targets of these kinds of attacks. In this case the telecommunication operator is at risk due to loss of revenue. In most cases splicing into cabling enables the player to gain access to the network with an intention to commit a more sophisticated criminal act.

Hacking of Private Branch Exchanges (PABX) is a dangerous form of criminality as well. Modern branch exchanges are special communication equipment for private use with a large number of functions. This equipment requires trained service personnel for its administration and allows for remote administrator access over the telephone network. This access for administrative purposes over the telephone is a stumbling block [6], because there are illegal operators who scan telephone number ranges and look for such access.

After locating the access, these operators then try to hack into it. This is made easier by the fact that many administrators retain the default password pre-set by the supplier or use an inadequate password. Many PABX can and do have administrator access via a data network. The act of taking control of such a branch exchange is a case of traditional computer hacking.

In computer-related attacks, the telecommunication infrastructure network, be it fixed line, wireless or a mix of both networks, provides the platform for the perpetration of this form of attack via computer links. These attacks are alternatively referred to as computer crime, cyber crime, e-crime, electronic crime, or hi-tech crime [6].

Computer crime is an act performed by a knowledgeable computer user. This crime, unlike terror attacks, does not lead to physical destruction of infrastructure but involves the stealing of a company's or individual’s private information. The player in this act is sometimes referred to as a hacker. In some cases, this person or group of individuals may be malicious and destroy or otherwise corrupt the computer or data files. Examples of computer crimes are [7]:

• Creating Malware - Writing, creating, or distributing malware (e.g. spyware and viruses).
• Cyber terrorism - Hacking or computer intrusion, threats and blackmailing of a person or business...
• Denial of Service Attack - Overloading a system with so many requests that it cannot serve normal requests.
• Espionage - Spying on a person or organization’s activities.
• Harvesting - Collecting accounts or other account related information of other people.
• Identity theft - Pretending to be someone you are not.
• Fraud - Manipulating data for the purpose of committing a crime, e.g. changing financial records to enable someone to steal or transfer money to an account.
• Spamming - Distributing unsolicited e-mails to hundreds of different addresses.
• Intellectual property theft - Stealing of another person’s or company's intellectual property.
• Wiretapping - Connecting a device to a phone line to listen to or monitor another person’s conversations.
• Phishing - Deceiving individuals to gain private or personal information about them.
• Salami slicing - Stealing tiny amounts of money from each financial transaction made.
• Spoofing - Deceiving a system into thinking you are someone who in reality you are not.

• Unauthorized access - Gaining access to systems you have no authority or permission to access.

D. General Threats/Attacks

This involves players like special government agencies. It is a form of hacktivism with nation-state sponsorship [8]. Three different cases used to illustrate the nature of such attacks in [9] are:

Case No 1: Government agencies are increasingly attacking telecommunication operators’ infrastructure and applications to establish covert surveillance. Very advanced persistent threats (APTs) are used. With an APT, sophisticated actors carry out covert surveillance and can operate undetected for long periods of time. Communication channels targeted for covert surveillance include phone lines, online chat, mobile phone data, etc. Covert surveillance in the form of cyber attack may be between nations. There have been cases where one nation’s cyber-attack prevented another nation’s leaders from communicating on their mobile devices.

Case No 2: Given that telecommunication companies control critical infrastructure, any shutdown has great impact on the economy. For example, during the severe petroleum product crisis in Nigeria in mid-2015, the telecommunication companies were affected because they run on diesel generators; consequently, banks and various organizations could not sustain their regular services.

Case No 3: Customer data is another important and high impact target. It is the tradition of telecommunication organizations to register their numerous customers. By so doing they typically store personal information about all of their customers such as names, addresses and financial data. This sensitive data becomes a compelling target for cyber-criminals or insiders, whose aim may be to steal money, conduct identity theft, blackmail customers, or launch any other form of attack.

A stolen laptop may not be taken as a serious case. It is one of the several ways of information loss. Of course in every sector, laptops can be lost or stolen. The problem, however, tends to be worse in the telecommunication sector because its employees often serve customers as part of a call center or help desk function and may have large amounts of sensitive customer data stored on their laptops. The theft of such a piece of equipment may put several individuals or the company at great risk.

One critical threat unique to the telecommunications sector is the attack of leased infrastructure equipment, such as home routers from Internet Service Providers (ISPs). Once the equipment has been compromised, it becomes possible for hackers to steal data, launch other attacks, store infiltrated data, or access expensive services such as international phone calls. In order to avoid upsetting their customers, telecommunication companies generally refund any charge associated with such malicious attacks. This often results in significant loss of revenue to the organization.

In Table I, various forms of attacks or threats and their likely outcomes are summarized.

Table I: Threats and likely outcomes [2].

| Attacks/Threats | Outcome |
|---|---|
| Unauthorised physical access to switching equipment, telecommunication cable and other critical network infrastructure, e.g. Authentication Centre (AuC), Home Location Register (HLR) and Visitor Location Register (VLR). | Destruction or theft of information and equipment, interception or monitoring of the network traffic. |
| Interception of voice traffic due to absence of encryption for speech channels and inadequate authentication in PSTN networks. | Unauthorized access to telecommunication network traffic. |
| Use of modified mobile stations to exploit weaknesses in the authentication of messages received over the radio interface. | Spoofing of user de-registration and location update requests, leading to unreliable service. |
| Deployment of malicious applications on devices like smart phones and tablets. | Use of these compromised devices to target the operator’s network. |
| Compromise of the AuC or SIM used for storing the shared secret for the challenge-response mechanism. | Identity theft (intruders masquerading as legitimate users). |
| Intrusions into the operator’s networks. | Unauthorised changes to the users’ service profiles resulting in unreliable service and fraud. |
| Gaining access to network databases containing customer information. | Destruction or alteration of personal and confidential data. |

III. RECOMMENDATIONS

A. Telecommunication Network Security

The required technology must be put in place to safeguard critical telecommunication infrastructure and assets. In regions where there are military conflicts with a high rate of terror attacks, telecommunication outdoor infrastructure like towers, radio equipment and power generating sets should be sited in safer areas not likely to be attacked by insurgents. This is necessary to avoid physical destruction of installed equipment. It may also be necessary to have mutual agreement between government security agencies and network providers on ways of securing key telecommunication installations.

B. Operations Security (OPSEC)

OPSEC focuses on preventing the leakage of vital information or security procedures concerning an organization to the outside world. It is concerned with refining operational procedures and workflows to increase the security properties of an organization. For example, an organization may restrict what employees post on their Facebook pages or other social media, especially when such posts are about the organization’s security procedures which are not meant for public consumption.

C. Security by Default

Organizations or companies should develop a systematic method of preventing or fighting attacks in their establishment. Staff should frequently be trained and examined for compliance. Appropriate computer resources should be used to enforce security in a systematic way before attacks occur. Security by default focuses on three themes [10]:

• Prevention, or designing systems that are harder to hack.
• Resilience, or designing systems that can offer secure transactions even after they have been compromised.
• Regeneration, or designing systems that can automatically repair themselves when breaches are detected.

D. Criminalization of Cybercrime

In relation to cybercrime, the Cybercrime Convention of the Council of Europe called for eight offenses to be criminalized. These offences are [11]:

• Illegal interception
• Data interference
• System interference
• Misuse of devices
• Computer-related forgery
• Computer-related fraud
• Offenses related to child pornography
• Offenses related to infringement of copyright and related rights

Legislation should be enacted for all these offences where there is none, so as to deter prospective criminals.

E. Restriction to sensitive areas

Telecommunications spaces, pathways and equipment rooms should be secured and treated as restricted zones. Access to these areas should be monitored, controlled and limited to authorized and properly security-cleared persons only. Methods such as installation of Electronic Access Controls (EAC), mechanical combination locksets or deadbolts should be used to control access [12]. A list of persons authorized to access these sensitive areas or spaces should be maintained to avoid unauthorized entry. The organization should also maintain a control log for security audit purposes.

F. Security infrastructure implementation

Important policies and processes adopted by an organization should be supported by a security infrastructure that includes multiple security layers, as in the “Defense-in-Depth” approach [3]. This strategy allows for different layers of security such that the compromise of one security layer alone does not expose the network to attacks. Some of the security measures that can be deployed across the various layers are:

• Interference and tamper-proof cabling infrastructure.
• Closed Circuit Television (CCTV) and security guards monitoring the operator’s premises.
• Physical access control mechanisms like smartcard and biometric readers.
• Firewalls at the network perimeter for publicly accessible systems.
• Host and network-based Intrusion Detection/Protection Systems (IDPS).
• Security Information and Event Management (SIEM) systems for handling security events and logs that are generated by multiple systems.
• Malware management using antivirus and antispyware technologies on internal systems and mail servers.
• Secure application development practices.
• Carrying out security checks on the telecommunication equipment, perimeters, critical network components and applications.
• Encryption and data masking techniques for data both at rest and in transit.
• Security awareness.

IV. CONCLUSION

Telecommunications infrastructure is a big target for cyber-attacks. This is because telecommunication operators build, control and operate critical networks that are widely used to communicate and store large amounts of sensitive data. The telecommunication network from a global point of view is a mix of both fixed and mobile phone networks, which provides the traditional access for computer related crimes or cybercrimes, e.g. phishing, hacking, spoofing, etc., to be perpetrated.

The attacks may cause damage such as sensitive information being leaked and security documents exposed, which may put both individuals and the affected organizations at risk. The paper has suggested some preventive measures that can be implemented as a way of fighting or preventing cybercrime.
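
Section II.B describes a call that a private branch exchange never disconnects and that stays "connected" for days. The following Python code is an added example, not part of the original paper: it scans call detail records (CDRs) for such calls so they can be torn down and the billing exposure reviewed. The CDR column layout, the 00 international prefix and the four-hour threshold are assumptions, and the sample records are constructed.

```python
"""Flag PBX calls that were never properly disconnected (added example)."""
import csv
import io
from datetime import datetime, timedelta

# Assumed CDR layout (hypothetical, not a vendor format):
#   call_id,extension,dialled,start_utc,end_utc   (empty end_utc = still connected)
# Constructed sample records using reserved or fictional number ranges.
SAMPLE_CDR = """call_id,extension,dialled,start_utc,end_utc
1001,2001,0800555010,2015-08-03T09:00:00,2015-08-03T09:04:10
1002,2002,00442079460000,2015-08-01T17:55:00,
1003,2003,0800555011,2015-08-03T10:15:00,2015-08-03T16:45:00
1004,2004,0015555550100,2015-07-31T08:00:00,2015-08-02T08:30:00
1005,2005,0800555012,2015-08-03T11:50:00,
"""

INTERNATIONAL_PREFIX = "00"       # assumption: dial plan uses 00 for international
MAX_NORMAL = timedelta(hours=4)   # assumption: longest plausible legitimate call
TS_FORMAT = "%Y-%m-%dT%H:%M:%S"


def find_stuck_calls(cdr_text, now, max_normal=MAX_NORMAL):
    """Return calls longer than max_normal, highest revenue exposure first.

    A record with no end time is measured up to `now`, so a call the
    exchange is still holding open is caught before it is ever billed.
    """
    findings = []
    for row in csv.DictReader(io.StringIO(cdr_text)):
        start = datetime.strptime(row["start_utc"], TS_FORMAT)
        end_raw = (row["end_utc"] or "").strip()
        still_open = end_raw == ""
        end = now if still_open else datetime.strptime(end_raw, TS_FORMAT)
        duration = end - start
        if duration <= max_normal:
            continue  # ordinary call, or one that has only just started
        findings.append({
            "call_id": row["call_id"],
            "extension": row["extension"],
            "hours": round(duration.total_seconds() / 3600, 1),
            "still_open": still_open,
            "international": row["dialled"].startswith(INTERNATIONAL_PREFIX),
        })
    # International calls first, then calls still connected, then longest.
    findings.sort(key=lambda f: (not f["international"],
                                 not f["still_open"],
                                 -f["hours"]))
    return findings


if __name__ == "__main__":
    for f in find_stuck_calls(SAMPLE_CDR, datetime(2015, 8, 3, 12, 0, 0)):
        state = "STILL CONNECTED" if f["still_open"] else "closed"
        scope = "international" if f["international"] else "domestic"
        print(f"call {f['call_id']} ext {f['extension']}: "
              f"{f['hours']} h, {scope}, {state}")
```

Run on a schedule against the exchange's CDR export, the still-connected international entries are the ones to disconnect first.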

REFERENCES

[1] M. Sif & L. Newell, Optimizing Broadband Aggregation Networks for Triple Play Services, Alcatel Telecommunications Review, 4th Quarter, 2004.
[2] Convergence and Next Generation Networks, Ministerial Background Report (OECD), 2007.
[3] Tata Consultancy Services Limited, 2012. Available from World Wide Web: http://www.tcs.com [Accessed 11th August, 2015].
[4] J-L. Ronarch, M. See & J. Smith, Security Solutions for a Mobile Enterprise Workforce, Alcatel Telecommunications Review, 1st Quarter, 2006.
[5] Williswire, 2015. Available from World Wide Web: http://www.willis.com/2014/10/threats-to-telecommunications-operators [Accessed 11th August, 2015].
[6] Available from World Wide Web: www.securtyrevue.com [Accessed 5th August, 2015].
[7] Computer crime. Available from World Wide Web: www.computerhope.com [Accessed 10th August, 2015].
[8] Cyber in sight. Available from World Wide Web: www.surfacewatchlabs.com [Accessed 5th August, 2015].
[9] Telecoms Cyber intelligence centre. Available from World Wide Web: www.cyberintelligencecentre.com/news/global-cyber-executive-briefing/telco.aspx [Accessed 5th August, 2015].
[10] H. Shrobe. Available from World Wide Web: www.Cybersecurity@CSAIL [Accessed 5th August, 2015].
[11] B. Fujiwara, “Cyber Security Threats and Countermeasures.” Available from World Wide Web: http://www.gbd-e.org/ig/cs [Accessed 28th August, 2015].
[12] Security Implications of the Integrated Telecommunications Infrastructure. Available from World Wide Web: http://www.tpsgc-pwgsc.gc.ca [Accessed 28th August, 2015].
