Tag Archive for: Telecoms

Apple’s Private Relay Roils Telecoms Around the World


When Apple pushed iOS 15 out to more than a billion devices in September, the software update included the company’s first VPN-like feature, iCloud Private Relay. The subscription-only privacy tool makes it harder for anyone to snoop on what you are doing online, by routing traffic from your device through multiple servers. But the tool has faced pushback from mobile operators in Europe—and more recently, from T-Mobile in the US.

As Private Relay has rolled out over the past few months, scores of people have started to complain that their mobile operators appear to be restricting access to it. For many, it’s impossible to turn the option on if your plan includes content filtering, such as parental controls. Meanwhile in Europe, mobile operators Vodafone, Telefonica, Orange, and T-Mobile have griped about how Private Relay works. In August 2021, according to a report by the Telegraph, the companies complained the feature would cut off their access to metadata and network information and suggested to regulators that it should be banned.

“Private Relay will impair others to innovate and compete in downstream digital markets and may negatively impact operators’ ability to efficiently manage telecommunication networks,” bosses from the companies wrote in a letter to European lawmakers. However, Apple says that Private Relay doesn’t stop companies from providing customers with fast internet connections, and security experts say there’s been little evidence showing Private Relay will cause problems for network operators.

Apple’s Private Relay isn’t a VPN—which carriers freely allow—but it has some similarities. The option, which is still in beta and is only available to people who pay for iCloud+, aims to stop the network providers and the websites you visit from seeing your IP address and DNS records. That makes it harder for companies to build profiles about you that include your interests and location, in theory helping to reduce the ways you’re targeted online.

To do this, Private Relay routes your web traffic through two relays, known as nodes, when it leaves your iPhone, iPad, or Mac. Your traffic passes from Safari into the first relay, known as the “ingress…


Nigerian Government Warns Of New Iran-based Hacking Group Targeting Telecoms Companies


 

The Nigerian Communications Commission (NCC) has called the attention of the Nigerian public to the existence of another hacking group orchestrating cyber espionage in the African telecoms space.
NCC issued the warning saying that efforts were on to keep stakeholders in the country’s telecoms sector informed, educated and protected.

The commission said an Iranian hacking group known as Lyceum (also known as Hexane, Siamesekitten, or Spirlin) has reportedly been targeting telecoms, Internet Service Providers (ISPs) and Ministries of Foreign Affairs (MFA) in Africa with upgraded malware in recent politically motivated attacks oriented toward cyber espionage.
The information about this cyber attack is contained in the latest advisory issued by the Nigerian Computer Emergency Response Team (ngCERT). 
The ngCERT rated the probability and damage level of the new malware as high.
According to the advisory, the hacking group is known to be focused on infiltrating the networks of telecoms companies and ISPs. 
Between July and October 2021, Lyceum was reportedly implicated in attacks against ISPs and telecoms organisations in Israel, Morocco, Tunisia, and Saudi Arabia.
The advanced persistent threat (APT) group has been linked to campaigns that hit Middle Eastern oil and gas companies in the past.
The group now appears to have expanded its focus to the technology sector. 
The APT is also responsible for a campaign against an unnamed African government’s Ministry of Foreign Affairs.
Lyceum’s initial attack vectors include credential stuffing and brute-force attacks. Once a victim’s system is compromised, the attackers conduct surveillance on specific targets. At that stage, Lyceum will attempt to deploy two different kinds of malware: Shark and Milan (known together as James).
Both pieces of malware are backdoors. Shark, a 32-bit executable written in C# and .NET, generates a configuration file for domain name system (DNS) tunnelling or Hypertext Transfer Protocol (HTTP) C2 communications, whereas Milan, a 32-bit Remote Access Trojan (RAT), retrieves data.
Both are able to communicate with the group’s command-and-control (C2) servers. The…


We’ll drop SBOMs on UK.gov to solve Telecoms Security Bill’s technical demands, beams Cisco • The Register


Britain’s Telecoms Security Bill will be accompanied by a detailed code of practice containing 70 specific security requirements for telcos and their suppliers to meet, The Register can reveal.

The Telecoms Security Bill (TSB), which is near the end of its journey through Parliament, has been rather unpopular with some ISPs who have previously complained about the high cost of compliance.

Introduced as part of 2019-20’s “ban Huawei immediately” panic, the bill includes provision for £100k-a-day fines.

Now El Reg can reveal more about the detailed requirements due to be imposed on the industry, thanks to Cisco publishing a detailed paper [PDF] explaining how it already complies with UK.gov and National Cyber Security Centre requirements. That paper is a response to a document called the Vendor Annex, an NCSC-authored technical bolt-on to the main bill.

“We expect that the way it will work is there will be some expectation that the operators will be obliged to do much more scrutiny when they go through their procurement exercises with telco vendors,” Cisco’s UK&I national cybersecurity advisor, Mark Jackson, told The Register.

Jackson added that many of the requirements in the bill and the Vendor Annex could be satisfied through provision of a software bill of materials (SBOM), though that specific term isn’t mentioned. SBOMs as a security management concept have come in for some criticism recently because they could create the illusion of security: picking (for example) one specific software library and saying “job done, it’s secure” doesn’t set the expectation that the library will need updating in future.

This kind of problem was endemic in Huawei’s mobile network equipment firmware, as NCSC’s Huawei examination cell revealed in 2019. The Chinese firm was, among other things, using “70 full copies of 4 different OpenSSL versions” which contained 10 “publicly disclosed” vulns, some “dating back to 2006”.

Referring to the…


What does the UK government’s Telecoms Security Bill mean for the future of the industry? – Telecoms.com


Telecoms.com periodically invites expert third parties to share their views on the industry’s most pressing issues. In this piece Matias Madou, Co-Founder & CTO of Secure Code Warrior, looks at the implications of a new piece of UK, telecoms-specific legislation.

The Telecoms Security Bill, which seeks to introduce a new security framework for the UK telecoms sector, is currently being passed through the UK parliament. The bill aims to ensure that public telecommunications providers operate secure and resilient networks and services, and manage their supply chains appropriately.

Telecoms, like many other industries, have relied on a reactive approach to security for far too long, and while the new rules introduced by the bill don’t prioritise a grass-roots approach to security led by secure coding, they do introduce a series of tests to ensure providers are meeting government standards. So, what exactly does the bill mean, and how are these new rules going to ensure that security risks and compromises are minimised in the sector?

Raising security standards, across the board

To put it simply, the Telecoms Security Bill aims to empower the government to boost the security standards of the UK’s telecoms networks, whilst removing the threat of high-risk vendors. These measures include new controls on the use of Huawei 5G equipment, for example, including a ban on the purchase of new Huawei equipment from the end of this year, and a pledge to remove all Huawei equipment from 5G networks altogether by 2027.

Another key change is around penetration testing, or “pen-testing” – under the new regulations, telecom providers will be required to pen-test their networks annually. Although many providers already test their networks regularly, the new security framework will make the practice compulsory. In order to understand the potential impact of the bill, we need to drill down into what pen-testing actually is and why it’s so essential for the industry.

Compulsory annual pen-testing

Pen-testing is a security technique designed to identify, test and flag vulnerabilities in IT systems. This is done by allowing “ethical hackers” to simulate cyberattacks to test the…
