Why the Fate of Nations May Rest on the Shoulders of Mobile Operators

Picture the scene. The year is 2021, a global pandemic has brought the world to a virtual standstill. Remote working is no longer a perk and ‘Zooming’ is just the ‘new normal’. For mobile operators, it’s a double-edged sword. On one hand there is opportunity but on the other, there is disruption and soaring demand. But like a bolt from the blue, it’s revealed that a hacking group has infiltrated telco networks worldwide and it has been plotting and scheming under the radar for years.

This is the new reality facing the telecommunications industry. And this is what our study of the 2022 trends revealed for mobile operators.

The hacking group in question calls itself LightBasin and was most likely sponsored by China to monitor mobile traffic and extract subscriber information from unsuspecting operators. To the best of our knowledge, LightBasin is still an active threat to this very day. Nation-state cyber conflict has now reached such a level of maturity that bits and bytes are being prioritized over boots and bullets on the geopolitical stage. One report titled Nation States, Cyberconflict and the Web of Profit, revealed that “significant” nation-state incidents had increased by 100% between 2017 and 2020, and it just so happens that mobile operators are a favored target of the world’s most sophisticated hacking groups.

Tinker tailor soldier… why?

While there’s still much we don’t know about the LightBasin attack or the countless other nation-state-linked attacks against mobile operators in the past year, and we can speculate that their ultimate goal was the facilitation of cyber espionage. But what’s in it for the perpetrators? Why mobile operators?

If a threat actor can penetrate a mobile network, it can access an individual’s messages, phone calls, data, contacts, location and movements, such is the pervasive presence of these smart devices in our lives. Alarmingly, threat groups can now purchase software such as Simjacker or NSO’s Pegasus that will allow them to penetrate a user’s device without them even having to interact with it. Target the right network, with the right device, belonging to the right user, and the espionage value becomes crystal clear.

And let’s not forget about gateway potential. While nation-state-sponsored attacks usually have designated targets in mind, like all bad actors they are opportunists at heart. Our civilisation is moving toward the cloud, which means the lines between telecommunication, information technology and operational technology infrastructures are beginning to blur. In other words, our attack surface area has become a sprawling web of opportunity for actors that want to disrupt, destabilize and deconstruct entire countries. All of this, and we’ve barely mentioned profit-driven motives like ransomware or the auctioning of valuable stolen information.

From Russia with love?

So, pressing on into the uncharted waters of 2022, it seems the fate of entire countries may rest on the shoulders of mobile operators and their ability to defend against C2 and DDoS attacks. In a C2 attack, shorthand for “command and control”, malware is deployed and uses evasive tactics such as profile spoofing to avoid detection and establish a remote covert channel between a compromised host and the attacker’s server. This is precisely what the LightBasin group did when it infiltrated 13 telecommunications companies around the world. Distributed Denial of Service (DDoS) attacks are also being increasingly employed to disrupt nations by crippling their communications infrastructure while making ransom demands.

What’s a mobile operator to do?

The bolstering of cyber defences starts with a deep analysis of the strengths and weaknesses of current signaling and messaging security tools, as well as addressing the chronic lack of core network monitoring and tooling in the industry. We also need to get better – much better – at monitoring and controlling traffic passing between operators.

An increase in nation-state-sponsored cyber espionage is just one of seven big predictions we’ve made for the year ahead. To read more about this and the other six, including the big push to greener communications and how private versus standalone 5G might be a case of the tortoise and the hare.

Download this year’s report: 7 Trends That Will Shape the Mobile Industry In 2022.

Related insights

Globe with multiple screens displaying images and trends

Enea Retrospective: What Did We Get Right in Our 2023 Trends Report?

Read more

Tags: Cybersecurity, IoT, MNO, Mobile Security

Mobile Survey Identifies Global Security Gaps as Networks Converge

Mobile Survey Identifies Global Security Gaps as Networks Converge

Read more

Tags: Cybersecurity, Mobile Security, Network Security, Security

Enea MWC Expert Sessions

Read more

Tags: Voice Security, Wi-Fi Offloading

Mobile Trends report cover image

5 Mobile Trends to Expect in 2024

Read more

Tags: Cybersecurity

RCR Wireless

Road to 5G: Navigating the complexities of 5G hyperscaling

Read more

Tags: 5G, 5G Core, Cloud Native