Business owners care about keeping their businesses safe. But cybersecurity gets complicated! There’s a firewall, an anti-virus, malware protection, server security, mobile app protection. Now, the telecom industry is also taking steps for protection against cyber threats.
Here, Shikhil Sharma, Founder and CEO, Astra Security, tells us more. Excerpts from an interview:
DQ: What is Astra Security’s take on the rise in cybersecurity attacks in the telecom industry in 2021 and how to curb them?
Shikhil Sharma: It is clear that hackers are after critical data. The motivations of hackers are not limited to just bragging about a vulnerability they found in a telecom; the intentions are cruel. Right from customer information being sold on the deep web to data simply leaked intentionally by the hackers — it’s been a rough year already for enterprises, including telcos.
For some attacks, cyber extortion/ransom is the reason and for some others, even worse, like state-sponsored attacks.
To curb such attacks, it is high time for telcos to start with both offensive and defensive approaches. These approaches need to be coupled with strict employee training, continuous security audits and vendor verification.
With the huge infrastructure, workforce and vendors that telcos deal with, they are as secure as their weakest link.
The weakest link can be their people who are subject to social engineering attacks or vendors who integrate their solutions with telco’s core infrastructure.
DQ: Why is it important for the telecom companies to get their security audits done timely?
Shikhil Sharma: It is not only important for telecom companies, but every vendor that integrates with them should be audited. Security audits are super crucial to ensure that all vulnerabilities are uncovered even before going into production. Because if we’re waiting to go into production, it’s a race against threat actors.
Truth be told, we are talking about AI- and machine learning-powered solutions in cyber security, but we are still a bit far from a future where complete vulnerability scanning is completely done by such machine learning-powered tools, simply because human-powered security audits ensure that business logic vulnerabilities are taken care of.
If security teams are not interacting with development and infrastructure teams every day and helping them prioritize the results from security audits, then telcos are just setting them up for another attack.
Further, the closer the security teams work with development engineers, the more secure coding practices they’ll start following right at the start. It’s an endless journey, always.
DQ: Why should telecom companies be more worried about cybersecurity attacks and how to prevent them?
Shikhil Sharma: There is a lot of buzz around 5G, the Internet of Things (IoT) is becoming huge, and we’re talking about having your entire life on a phone. All of this is routed through telcos, making them central to all the action. Considering how important their position in this new reality is, they are bound to be always on the target list of the hackers.
Cyber warfare and state-sponsored attacks have become a thing, which gives hackers a pseudo immunity (at least in geography) to do what they have to do and rather get rewarded for that. The absence of global cyber laws adds to the misery.
To prevent such hacks, the security policy of telcos needs to be right at the center of every operation. Be it marketing, support, infrastructure and of course technology – security has to be paramount and spread across all departments. A well-equipped security operation center along with the right tools that help see a threat from a mile should be implemented.
A huge focus on preventing social engineering attacks should be made. Needless to say, security audits and red teaming activities need to be sped up, followed by better vulnerability prioritization.
DQ: What are the current trends of cybersecurity that we can see in the telecom industry?
Shikhil Sharma: I think two trends that telcos should definitely focus on are continuous security audits with better prioritization and using machine learning-powered tools to get a better sense of data from their SIEMs.
Continuous security audits will help telcos ensure they are able to see the potential threats from a mile. With a ton of data available, choosing what exactly could be a big potential threat is indeed a challenge, even with the most advanced SIEM solutions.
Tools to check on infrastructure leaks is a big one here. The first things hackers look for are badly configured AWS buckets, git repositories etc. Such tools for continuous monitoring would massively help organizations. Having said that, security is best done in layers; there’s not one magic solution that’ll work. It’s always a journey.