Telecoms companies have become the primary targets of cyberattacks in the first half of 2024, according to a report by cybersecurity firm Kaspersky.
The industry experienced a surge in cyber incidents, “there were 284 cybersecurity incidents per 10,000 systems,” according to Kaspersky Managed Detection and Response (MDR) statistics for January-June 2024.
“A successful attack, especially an advanced one, on a telecoms company can expose millions of customers’ records, including contact details, social security numbers, and credit card information,” Sergey Soldatov, head of Kaspersky Managed Detection and Response warns. “It can also serve as a possible springboard for further attacks on clients through trusted relationship exploitation. That’s why this sector is so attractive for cybercriminals.”
Kaspersky: Telecoms networks are crucial for modern society
Kapspersky also reveals that telecoms companies faced the highest average number of critical incidents, with 32 attacks per 10,000 systems. “Critical incidents are human-driven attacks or malware threats that have a potential or actual significant impact on the company’s infrastructure,” Soldatov says.
The vulnerability of its infrastructure has far-reaching implications. Telecoms networks are crucial for many services in modern society, from banking to healthcare. If these networks are breached, it could cause major disruptions, leading to financial losses and harm to the companies’ reputations.
Beyond telecoms, Kaspersky reveals that mass media and construction industries have also been targets of cybercriminals in the first half of 2024. According to the MDR statistics, “Mass media companies experienced 180 attacks per 10,000 systems, while the construction development, food and industrial sectors followed with 179, 122 and 121 incidents, respectively.”
“The mass media organisations become an increasingly frequent target during international conflicts, which are often characterised by information warfare in which they play a crucial role. The construction development firms, in turn, have significant cash flows and rely on subcontractors, making them vulnerable to attacks via trusted partners’ infrastructures and spear phishing,” Soldatov says.
To counter these threats, Kaspersky recommends a multi-layered approach to cybersecurity,
“Have strong endpoint protection that builds up your security with EDR and XDR, such as Kaspersky Next.
In addition to adopting essential endpoint protection, use a corporate-grade security solution that detects advanced threats on the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform.
Implement Managed Detection and Response (MDR) to proactively seek out threats.
To make sure infrastructure is not compromised, periodically conduct compromise assessment, and in case of clear evidence of a cyberattack, start incident response.
To build own internal security operations, SOC consulting services can help.
Provide your SOC team with access to the latest threat intelligence (TI), such as with the Kaspersky Threat Intelligence Portal.
Upskill your cybersecurity team to tackle the latest targeted threats, for example with Kaspersky Expert Training (xTraining).As many targeted attacks start with phishing or other social engineering techniques, introduce security awareness training and teach practical skills to your team – for example, through the Kaspersky Automated Security Awareness Platform.”