Telcos under cyber threat
Johannesburg, 30 May 2013
Telecoms companies are now just as much at risk as banks and government departments when it comes to cyber crime.
While telecommunications companies are on par with government and financial institutions as far as cyber security risks and potential losses are concerned, the industry is falling behind when it comes to instituting adequate online crime prevention measures.
Evident in the recent spate of SIM swap fraud among SA’s operators, and the protracted hacking of MTN’s systems that emerged yesterday, telecoms companies are under more pressure now than ever before – particularly in light of the burgeoning industry they operate in.
Craig Rosewarne, director of Wolfpack Information Risk, says there is much emphasis placed on cyber crime in SA’s banking and government sectors, while the telecoms industry is “right up there” when it comes to loss suffered through malevolent online activity.
In fact, he says, it is becoming harder to separate the industries. “We have seen a dramatic rise in SIM swap crimes, and with the uptake of mobile banking, this will also become an area to watch.”
Rosewarne says because of the growing threat to telecoms companies, amid mobile technology advancements and the resultant increased and varied use of cellphones, Wolfpack Information Risk’s latest SA Cyber Threat Barometer report included the telecoms sector.
One of the telecoms companies the security firm interviewed said the number of cyber crime occurrences had increased by 200% for 3G data, where criminals are trying to find new mechanisms to get data for free.
The company cites methods such as using a telco’s access networks (the part of the communications network that connects subscribers to the service provider) as a local area network; using the access network or file transfer protocol to steal virtual vouchers, airtime and personal information; and SIM swaps.
The extensive financial loss suffered by MTN due to the ongoing hacking of its systems for airtime, which came to light yesterday, following the arrest of a suspect believed to be the kingpin, lends credence to Wolfpack’s concerns.
Hawks spokesperson captain Paul Ramaloko says he cannot go into detail on the method the suspect used. He says the suspect, a Latvian national who has been living in SA illegally over the past two years, was caught “in the act” of hacking at his cottage in Wilro Park yesterday.
MTN and SA’s specialised crime unit swooped on the West Rand residence, after an 18-month investigation and continuous monitoring of MTN’s systems.
Ramaloko says a docket, opened by MTN in 2011, states the operator had already incurred a R10 million loss from the virtual theft. In a statement yesterday, however, MTN claimed the loss amounted to R5 million, to date.
The suspect, who is believed to be the head of a greater cyber crime syndicate, will appear in the Johannesburg Specialised Commercial Crime Court today. “This will be his first appearance and the case will be postponed for further investigation and background checks. The outcome of the investigation will be presented to the court for judgement,” says Ramaloko.
He says the latest arrest, which the Hawks expect to be the first of many more to come, is one of a series of investigations the unit has carried out with MTN.
MTN CIO Louis Nel said this morning the operator was currently only aware of a R5 million loss.
As to why it took the company so long to track down the cyber criminal, Nel says MTN had to follow due process. “We were always aware from the day we detected the hacking, but the legal process is very intense with regard to cyber fraud. Proper investigation with the SAPS/Cybercrime Unit was done.”
He says, in light of the increase in cyber threats, MTN has tightened its security controls and monitoring measures. “A dedicated security command centre was created where all threats on a daily basis are being detected and monitored, and the team is taking appropriate action.”
Over the past 18 months, says Nel, significant capital investments were made in MTN’s IT and network security systems. “We were able to track and block all access attempts from the hacker since the initial breach. The security and processes with regard to SIM swaps were also significantly improved over the past year.”
Nel says cyber crime is on the increase globally and MTN regards the recent arrest as a “big breakthrough”.
No comments:
Post a Comment