The Growing Challenges of Service Provider Security Breaches

By Marc Meulensteen On February 4, 2014
Security Testing

In light of recent high-profile security breaches, new rules and regulations regarding breach reporting have been in the spotlight lately. While some service providers and Internet Service Providers (ISPs) have protested the new directives, the larger question is, “What can operators do to protect themselves and their customers?”

First, we need to look at how security breaches happen in the first place. Service providers are vulnerable to security breaches in many different ways. The most obvious is the vulnerability of the actual service, or of a device directly related to the service. When an SNC, similar to the ancient PABX or phone switch, is hit by a DDoS attack, it stops working. This shuts down phone traffic, causing revenue loss, image damage and, worse, public danger due to the security breach.

Another vulnerability resides deeper in the network, or lower in the OSI model, within a network device such as a router or switch. When a core router is under attack, it stops working and an entire region is without service. The fallout from such an attack can be devastating.

Additionally, network traffic is increasing, yet bandwidth is fixed. The mobile experience is exploding, and the wealth of applications running on mobile devices, laptops, computers, etc. all compete for bandwidth. This traffic makes it easier for hackers to overload and attack a system.

So, how do service providers protect themselves and their customers? Security is a trade-off between performance, functionality, and profit on one side and protection and risk on the other. You can protect a system 100% by disconnecting it from the Internet and disabling all external connections like USB, Bluetooth, Ethernet, etc., but that’s the same logic as protecting your new car by leaving it parked in the garage.

A realistic yet comprehensive approach to security involves awareness and strong security policies at various organizational levels. A technology solution with next-generation firewalls is a must, as is protection for crucial network devices such as core routers. Testing is key. Devices must be tested for risk prior to deployment. Service providers must perform regular penetration testing, essentially simulating an attack on their own networks before the hackers do. This enables them to identify potential security risks and fix them before data breaches occur.

How confident are you about the safety of your network?
