5G security challenges and threats
The telecommunication sector is undergoing a transformation with the introduction of 5G technology, presenting vast potential and a myriad of opportunities. However, as technology advances, threat actors are becoming more sophisticated, posing a significant challenge for communication service providers (CSPs) in maintaining robust security measures. The Nokia Threat Intelligence Report 2023 sheds light on the trends surrounding 4G and 5G security attacks, malware incidents, Distributed Denial-of-Service (DDoS) attacks, and other telco cyber threats affecting fixed and mobile networks worldwide.
Here are some key findings of the report.
IoT bots account for 60% of attacks on mobile networks
The report revealed that 60% of attacks on telecom mobile networks are associated with Internet of Things (IoT) bots scanning for vulnerable hosts to build their botnets for executing DDoS attacks. This rapid proliferation of IoT bots has become a major concern for CSPs.
Furthermore, more than 30% of CSPs surveyed in a Nokia/GlobalData study said that they experienced eight or more security breaches in the past 12 months, highlighting the growing struggle to cope with the evolving threats.
Additionally, CSPs are grappling with fragmented security tools, making it challenging to effectively deploy security capabilities across various systems and use cases.
Malware attacks
The report found that 35% of the detected malware attacks were due to ad-click bots, crypto-miners, and banking trojans, accounting for 15%, 11%, and 9% respectively. While adware incidents experienced a decline of 25%, crypto-mining attacks remained steady, and banking trojans nearly doubled, rising from 5% in 2021 to 9% in 2023.
Despite a decrease in residential malware infection rates to 1.5%, it continued to surpass pre-pandemic levels, which stood at 1%.
Scanning for potentially vulnerable devices remained the predominant form of malware activity, accounting for 88% of attacks in fixed networks and over 90% in mobile networks. Once a vulnerable device is detected, the malware initiates a sequence of attacks, aiming to exploit the vulnerability with the goal of incorporating the target device into a botnet.
