Telecommunications providers under pressure over cyberattacks

Share post:

The recent unauthorized access to AT&T’s Customer Propriety Network Information (CPNI) via a vendor’s system has refocused attention on flaws in the security programmes of major telecommunications providers.

Despite the fact that the data did not contain credit card numbers, Social Security Numbers, account passwords, or other sensitive personal information, the companies cybersecurity infrastructure has been called into question. According to Cyble, by 2023, more than 74 million US telecom customers’ data will have been leaked on the dark web.

Third-party vendor breaches were involved in each of the attacks detailed in the report. These third-party vendors are said to pose an increasing security risk because it is difficult for businesses to thoroughly vet a new contractor’s security stack before signing a contract.

Another factor that contributes to the attack is that major telecom and wireless providers sell their customers’ mobile data to advertisers, bringing in a new set of vendors who can access and exploit vulnerabilities in their security systems.

The most common attack types extend beyond the high-profile data breaches that make headlines. This is because malicious actors can use the information, they obtain to launch so-called SIM-swapping attacks, in which a hacker can remotely take over a phone number. These SIM-swapping attacks can then lead to malicious hackers stealing multifactor authentication codes and gaining access to people’s most secure accounts.

The vulnerability of the telecom sector to cyberattacks, according to Marcus Fowler, CEO of Darktrace Federal, has put industry pressure on them to bring in new vendors to help them expand their business lines. To address this, the FCC is working on an update to its data breach notification rules for telecom and wireless carriers.

The sources for this piece include an article in Axios.

SUBSCRIBE NOW

Related articles

Microsoft Ends Support for Office 365 Apps on Windows 10: Hashtag Trending for Friday, January 17, 2025

Microsoft announces they won’t support  Office 365 on Windows 10, D-Wave achieves a quantum computing milestone, TikTok prepares...

Hackers Mount High Speed Microsoft 365 Attack: Cyber Security Today – January 17, 2025

Hackers exploit a high-speed Go library to target Microsoft 365 accounts worldwide, North Korea’s Lazarus group lures developers...

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways