|Телеком||ТВ и медиа||Облака||ПО||Кадры|
|ИТ в образовании||ИТ в медицине||Big Data||E-commerce||Спутниковая связь|
|Все новости||World News|
Mobile Networks Face a Growing Security Crisis
|22 ноября 2010|
Equipment vendors must adopt more secure development and design practices to correct the security vulnerabilities in their network infrastructure equipment as mobile operators transition to advanced broadband services, according to a major new report from Heavy Reading.
"Until relatively recently, the mobile industry has been somewhat removed from security threats. It has been possible to treat the low-level fraud that has been with the mobile industry since its inception as a minor irritant," says Patrick Donegan, Senior Analyst of Heavy Reading. "The data-oriented direction that the mobile industry is embarking on will expose the mobile network to a variety of new security challenges."
At the same time the mobile industry is evolving, cyber-attacks are gaining a higher profile within society as a whole, Donegan explains. "So where mobile network security was once taken for granted, operators, infrastructure vendors, handset vendors, and application providers are being called to account as never before and asked for reassurance, near-term solutions, and long-term roadmaps that will ensure that the next 20 years of the mobile industry's evolution are built on as secure a platform as the first."
Key findings of Next-Gen Security Strategies for Mobile Network Infrastructure include the following:
Awareness of the importance of network security is growing. The recent, high-profile cyber-attacks on Google, the US military, the governments of Georgia and Estonia, and power plants in Iran have raised awareness of network security to a new level. With the increasing pervasiveness of computing and Internet connectivity, the scale of what an attack can achieve is staggering. This is leading organizations of all types (including organized crime, terrorist groups, and some nation-states) to invest enormous time and resources into designing cyber-attacks.
The mobile network has traditionally been less vulnerable to attacks than the wireline network, but that gap is closing. The mobile network has had much less exposure to IP traffic and IP end-points, but it is growing as mobile operators acquire more mobile broadband subscribers and become true ISPs. In the architectural transition to LTE, operators will remove TDM from the network and replace it with IP protocols, which are much easier to attack. And after 20 years in commercial service, the original A5/1 encryption algorithm for GSM is finally at risk of being broken and will need supplementing with the later A5/3 algorithm.
The changing security landscape gives primary infrastructure vendors a major opportunity to differentiate their value proposition for mobile operators. Optimal mobile network security requires a layered approach, and one key layer is the security of the operator's base stations, RNCs, gateways, switches, routers, and transmission equipment. A comprehensive assessment of the security offered by these products encompasses the security of the development environment in which they are brought to market; some of the design aspects associated with their hardware and software platforms, and the interaction between the two; and their support of the security feature roadmaps defined by the likes of 3GPP and the IETF.
Источник: Cellular news