Telecoms industry sees a higher percentage of advanced attacks
Threat intelligence specialist Lastline produces regular reports on the global cyberthreat landscape.
Its latest study looks at the telecoms industry and how the threats it faces differ from those in the wider world. Among the findings are that the industry sees a higher percentage of attacks (one in 10) exhibiting advanced threat capabilities, which is greater than the global standard of one in 12.
While telecom companies already have adequate security in place, attackers are creating an even more challenging threat environment for these companies. They see a higher proportion of malicious files in network traffic -- one in 370 as against one in 500 globally. Fewer types of files are used to deliver malware in this sector too, with the main focus being on email as the means of compromise via infected text and zip files.
The report also finds that specific attacks -- such as Loki password stealer payloads -- are not being remediated, and it's not clear why the industry isn't addressing these threats. There's also an issue that attack descriptions provided by VirusTotal are generic, without the details needed to fully remediate an attack – leaving telecom companies vulnerable to repeat attacks.
The report's authors conclude, "There were significant differences in the trends seen in Telecom Services compared to the global trend: Threats arriving in Telecom Services organisations are ahead of the curve, essentially a Day0 attack, with very few prior submissions of samples being evidenced on VirusTotal. These malspam attacks represent the tip of emerging campaigns and reflect the inherent criminal value in stolen email credentials."
You can read more about the findings in the full report available from the Lastline website.