2020 Mobile Telecommunications Network Security Outlook - GSMA (English edition) (28 pages).pdf


Mobile Telecommunications Security Threat Landscape, January 2020. COPYRIGHT 2020 GSMA

Contents
Executive Summary
Introduction
Threat Landscape Structure
Cloud and Virtualisation
Internet of Things
Securing the 5G Era
Securing Device Applications
Security Skills Shortage
Signalling Threats
Software Threats
Supply Chain Resilience
2020 and Beyond
    5G standalone and scaled security
    Network visibility
    Increased blended attacks
    Supply chain service impact
Final Thoughts
GSMA Member Security Services
About the GSMA
About the GSMA Fraud and Security Team

Executive Summary

Welcome to the GSMA 2nd Annual Threat Landscape Report.

As we enter the era of intelligent connectivity we are seeing ever more complex networks, both in the services they offer, in the use cases they will enable, and in the range of technology used to build them. Not only will such networks be critical to economic and societal health, they will also be attractive to attackers, and it is important that the industry is motivated to identify and mitigate the threats. The threat surface is increasing and, with the continued presence of 3G and 4G networks in the ecosystem, traditional threats and vulnerabilities will have to be continually mitigated and managed. Many threats can be anticipated and, with good hygiene, continued action and vigilance, mitigated. New mitigation opportunities are arising through automation, machine learning and artificial intelligence; however, these must be married to good procedural practices and appropriately skilled security staff, coupled with good strategic risk management practices. Threats must be managed across people, process and technology and across the full lifecycle from definition through deployment, operation and ultimately decommissioning. The supply chain continues to be a critical consideration in the threat landscape. This guide gives insights into the threat landscape of the mobile telecommunications ecosystem, details key dimensions of consideration, and offers guidance to mitigate and tackle such threats.

Introduction

The mobile telecommunications industry is under daily attack. The industry understands that no threat can be tackled in isolation, and that threat actors will continue to exploit vulnerabilities in deployed technologies to achieve their goal. In the face of this persistent threat it is crucial to develop a broad understanding of the evolving threats facing the industry. Our aim is to advise on the current threats and highlight potential future threats affecting the mobile telecommunications industry.

THE GSMA'S DESIRE IS TO ENHANCE AWARENESS AND ENCOURAGE APPROPRIATE RESPONSES TO SECURITY THREATS.

The GSMA believes security threats have been on the rise and will continue rising with the adoption of new technologies and services within an expanding ecosystem. Security must move with the threat and enable technology adoption if it is to outmanoeuvre those working against the industry. One overarching, ongoing challenge the industry faces is the lifespan of the technology it supports. 2G and 3G networks still account for 50% of network traffic. The technologies these networks rely on have been in place since the 1990s and will remain for many years before closure. The protocols and systems in use in these generations were never designed for the world they are being used in today. Compensating controls, and retrospectively building security after initial deployment, are cumbersome, and as such the mobile industry has to implement several add-on security technologies and requirements. However, as the industry evolves, known threats become more defined and progress to defend against them is being made.

FIGURE 1: 2019 INDUSTRY THREATS. Supply Chain Threats; Device Threats; Securing the 5G Era; Internet of Things Threats; Software Threats; Security Skills Shortage; Signalling Service Threats; Cloud Threats.

"Next generation mobile will deliver feature rich intelligent connectivity and we must ensure it remains secure and resilient." Jon France, Head of Industry Security, GSMA

Threat Landscape Structure

This second version of the GSMA Security Threat Landscape report aims to provide understanding of mobile telecommunications threats at a high level. Each chapter in this report represents a single threat domain. All chapters that appeared in the 2019 report have been updated to reflect the current threats facing the industry. As the threat landscape has evolved, several threats seen in the past have been relegated to a lower status and been replaced with new threats (figure 1). This does not mean that legacy threats have disappeared. They still need to be addressed. As a result this report builds on the 2019 Security Threat Landscape to present an updated view of the evolving threat landscape.1 For each threat the GSMA aims to outline the nature of the threat to the industry, offer insight and propose recommendations and actions the industry could implement. Each chapter is structured as follows:
1. The GSMA's overarching view of the threat
2. Further insights into the threat
3. Recommendations proposed by the GSMA

Cloud and Virtualisation

Cloud services usage is on the rise year on year. This includes IT and telecommunications alike, albeit telecommunications services currently prefer private cloud.2 Virtualisation, and as such cloud threats, are well understood (figure 2). Protecting against these threats requires a combination of traditional IT hygiene controls and recognition of the structural and supply chain changes affecting the network, especially in relation to visibility (data, asset etc.). Cloud services rely on virtualisation, which can offer granular security controls and policies if designed and implemented correctly. Once designed, the template-driven aspects of virtualisation allow automated deployment of systems that are secure by default, an aspiration of current and future networks. A combination of poor implementation and a lack of the correct skills within the industry can result in these controls being misconfigured or configured inconsistently, meaning a missed opportunity to protect the network; conversely, the misconfiguration can also result in a number of threats (figure 2) being realised.3 Any potential economies of scale offered through virtualisation and cloud services will only be realised if the security controls remain consistent when implemented.

FIGURE 2: CLOUD AND VIRTUALISATION THREATS
Traditional IT and hygiene threats: poor patching practices; virtualisation-aware malware; lack of network visibility; inappropriate access controls.
Data, resource leakage: insecure API/interfaces; misconfigured isolation controls.
Resilience: geographical; vendor.

The GSMA recommends:
- Design and implement resilience through redundancy and use of multiple availability zones.
- Subject virtualised systems to the same IT hygiene best practice as physical systems. This includes patch management, vulnerability management, hardening practices, authentication, access controls etc.
- Cover in-life threat modelling as part of the ongoing risk management process. Develop a threat model for each deployment model and consider hypervisor-based attacks, VM-based attacks and VM image attacks.
- If outsourcing, ensure that the above expectations are passed on to the vendor via the request for information (RFI) / invitation to tender (ITT) process.
- Check that suppliers hold appropriate compliance to industry-standard certifications to assure that they are following industry best practice and regulations.4
- Develop and retain appropriate skillsets amongst staff to manage cloud deployments, specifically cloud-based security skills.5
- Cloud services and internal virtualisation mechanisms benefit from similar controls; these include:
  - Local policy covering all cloud delivery and deployment models. Specific controls may relate to provisioning, service implementation, vendor choice, data management and destruction, and threat detection services.
  - Use microsegments to isolate high security or legacy areas; use virtualisation-aware security tooling to enforce policy and monitor these segments.
  - Isolate services, memory, tenants and processes effectively. Only house like-for-like security levels on the same hypervisor.
  - Use modern hardware that supports appropriate security controls, and ensure that these are enabled and supported within the virtualisation layer.
  - Purchase security controls that are virtualisation-aware and able to protect microsegments and virtual services. Adopt the same approach for cloud services.
  - Develop consistent management and orchestration (MANO) services that include security controls at build phase (secure by design).

2 A private cloud is a particular model of cloud computing that involves a distinct and secure cloud based environment in which only the specified client can operate.
4 https://cloudsecurityalliance.org/star/
5 The Cybersecurity Insiders Cloud Security Report 2019 highlights that 26% of people cite that a lack of skills impacts their ability to secure cloud services; 41% say that a lack of training and skills stops them updating to cloud based specialised security tooling.

Internet of Things

GSMA Intelligence estimates a total of 13 billion IoT connections in 2020, a year-on-year growth of 15%. 57% of these are classified as consumer IoT connections and 43% are classified as enterprise IoT.7 This trend is expected to continue with an estimated 25 billion IoT connections by 2025.8 The Vodafone IoT Barometer highlights how all industries surveyed were adopting IoT initiatives, and with sensor dense environments such as logistics and manufacturing alongside health management it is vital the verticals are protected. The impact of these services becoming unavailable is not just service quality but also health and safety and patient care.9

The number of IoT devices being added to botnets increased in 2019 and a change in attack vectors to target enterprise IoT devices has been identified.6 The impact on enterprise IoT devices being attacked and becoming unavailable is not only a service quality threat but potentially a health and safety, and patient care, concern.

FIGURE 3: IoT BOTNET
1. A botnet is owned by the attacker, who is referred to as the bot master.
2. The bot master controls the bot and deploys the initial malware infection into the IoT.
3. Insecure IoT devices are located and added to the botnet. Once added, a device is used to locate other vulnerable IoT devices.
4. The victim's network receives traffic from the infected IoT devices at once, saturating the vulnerable IoT devices.

The ways to protect enterprise IoT are understood; failure to deliver on these security requirements, however, will potentially result in organisations' IoT devices becoming part of a wider attack, using up resources and potentially removing their availability. Therefore, the GSMA recommends IoT service providers:
- Know what IoT devices are on their estate.
- Secure their IoT devices; the GSMA maintains a flexible set of IoT Security Guidelines and an IoT Security Assessment. Advice includes:
  - Where possible confirm all IoT devices are compliant with corporate policies, including authentication, encryption, patching and password requirements.
  - Where passwords cannot be changed, segregate the IoT devices within the network and put compensating controls in place.
  - Where legacy (i.e. vulnerable M2M) devices, infrastructure and operating systems are in place, segment these services away from other areas of the network.
  - Enable segment blocking in the event of an attack.
- Identify what a device is and sense-check the data received/transferred, ensuring it is sending the anticipated/expected data to the right location:
  - Monitor IoT device traffic, e.g. for unexpected outbound wget or PowerShell requests attempting to pull malicious payloads on to your IoT devices.
  - Restrict access to IoT devices by placing them behind network defences.
  - Restrict outbound activity for IoT devices that do not require external access (e.g. using IP address white-listing, barring of SMS/voice services etc.).
- Prepare an incident response plan for when the network is attacked by a botnet.

6 Shodan is a search engine for Internet-connected devices and it reports a 15,000 growth of insecure MQTT devices in 2019.

Signalling Threats

Recent research found that:41
- 53% of call tapping attempts on 3G networks succeed
- 67% of networks fail to prevent bypass of SS7 protection
- 9 out of 10 SMS messages can be intercepted

The insecurity of SMS has affected verticals that rely on SMS as part of their 2-factor authentication (2FA) processes, specifically finance.42 This trend highlights the ongoing and legacy nature of this threat, as the same threats have been reported within the industry since 2014. The industry understands the threats posed by the signalling protocols SS7, GTP and Diameter; however, their fixes are not straightforward to apply to complex and large scale networks.38, 39, 40 As such, these threats are unlikely to be removed from any threat landscape relating to the mobile telecommunications industry for several years to come.

As a result, the GSMA recommends that operators implement compensating controls, specifically:
- Provide guidance for consumers and enterprises on the risks of using SMS as a multi-factor authentication mechanism.
- Implement the signalling controls outlined in the GSMA Fraud and Security Group (FASG) guidelines on securing interconnect protocols.43
- Have a fraud management system (FMS) to identify, detect and prevent potential fraud transactions within the signalling messages.

38 Signalling System 7 (SS7) is an international telecommunications standard that defines how network elements in a public switched telephone network (PSTN) exchange information over a digital signalling network. Signalling Transport (SIGTRAN) is the standard telephony protocol used to transport Signalling System 7 (SS7) signals over the Internet.
39 GPRS Tunnelling Protocol (GTP) is a group of IP-based communications protocols used to carry general packet radio service (GPRS) within mobile telecommunication networks.
40 Diameter protocol is a subscriber authentication, authorisation and accounting protocol created to replace SS7.
41 https://conference.hitb.org/hitb
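The IoT recommendations above (monitor IoT device traffic for unexpected outbound wget or PowerShell payload fetches, and restrict outbound activity with IP address white-listing) can be turned into a simple egress check. The following is an added example, not code from the GSMA report; the log format, the sample lines and the per-segment allowlist are all constructed for illustration.

```python
"""Egress monitoring for an IoT segment (constructed example): flag outbound traffic to
non-allowlisted destinations and download tooling (wget, PowerShell) in sensor requests."""
import ipaddress
import re

# Hypothetical per-segment policy: each IoT subnet may only reach its own backend.
ALLOWLIST: dict[ipaddress.IPv4Network, set[str]] = {
    ipaddress.ip_network("10.20.1.0/24"): {"203.0.113.10", "203.0.113.11"},  # HVAC
    ipaddress.ip_network("10.20.2.0/24"): {"203.0.113.20"},                  # pumps
}
PAYLOAD_FETCH = re.compile(r"\b(wget|curl|powershell)\b", re.IGNORECASE)  # never from a sensor
# Constructed egress proxy log: timestamp src dst dport "request"
SAMPLE_LOG = """\
2020-01-14T09:01:02Z 10.20.1.7 203.0.113.10 443 "POST /telemetry HTTP/1.1"
2020-01-14T09:01:05Z 10.20.1.9 198.51.100.44 80 "GET /bins/arm7 HTTP/1.1 UA=Wget/1.20"
2020-01-14T09:01:09Z 10.20.2.3 203.0.113.20 8443 "POST /pump/status HTTP/1.1"
2020-01-14T09:01:11Z 10.20.2.3 192.0.2.77 80 "GET /x.ps1 HTTP/1.1 UA=PowerShell/5.1"
"""
LINE = re.compile(r'^(\S+) (\S+) (\S+) (\d+) "(.*)"$')

def classify(line: str) -> tuple[str, str, list[str]]:
    """Return (src, dst, reasons); an empty reasons list means the line is clean."""
    m = LINE.match(line)
    if not m:
        return "", "", ["unparseable line"]
    _ts, src, dst, _port, request = m.groups()
    reasons: list[str] = []
    # Check 1: destination allowlisting (the report's IP address white-listing).
    try:
        segment = next((n for n in ALLOWLIST if ipaddress.ip_address(src) in n), None)
    except ValueError:  # source field is not an IP address at all
        segment = None
    if segment is None:
        reasons.append(f"source {src} outside any known IoT segment")
    elif dst not in ALLOWLIST[segment]:
        reasons.append(f"destination {dst} not allowlisted for {segment}")
    # Check 2: download tooling in the request line or user agent.
    tool = PAYLOAD_FETCH.search(request)
    if tool:
        reasons.append(f"payload-fetch tooling: {tool.group(1).lower()}")
    return src, dst, reasons

def alerts(log: str) -> list[tuple[str, str, list[str]]]:
    """Run both checks over every log line and keep only the hits."""
    hits = [classify(ln) for ln in log.splitlines() if ln.strip()]
    return [h for h in hits if h[2]]

if __name__ == "__main__":
    for src, dst, reasons in alerts(SAMPLE_LOG):
        print(f"ALERT {src} -> {dst}: {'; '.join(reasons)}")
```

On the constructed log this raises two alerts, one per sensor that both left its allowlisted destinations and carried a download tool signature; the clean telemetry lines pass.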
