A billion user hours lost in EU telecoms due to security incidents in 2019

The European Union Agency for Cybersecurity publishes the 9th annual report on telecom security incidents.

The report published today provides an analysis of root causes and impact of major incidents that happened in the course of 2019 and multiannual trends. The national telecom security authorities in Europe reported a total of 153 major telecom security incidents in 2019. These incident reports were submitted to the EU Agency for Cybersecurity as part of the annual summary reporting on major telecom security incidents in the EU. The reported incidents had a total impact of almost 1 Billion user hours lost.

Juhan Lepassaar, the Executive Director of ENISA, said: "Incident reporting is essential to understand different factors that play a role in cybersecurity incidents, as well as relevant issues. It helps us to see the trends and allows us to assess if the related legislation is working. This will help us to develop the right security measures, if further adjustments or clarifications are needed in the form of implementing acts, and thus improve the overall level of cybersecurity. National authorities use the reporting as a basis for targeted policy initiatives. Our role at ENISA is to make sure that the process is working and to allow the stakeholders, the Member States and the Commission to get the most out of it. We work to harmonise the security incident reporting processes across the Union, to reduce security risks and barriers to the internal market."

Jakub Boratyński, Acting Director of Directorate H in DG CONNECT commented: “Security incident reporting is important in order to get hard numbers about incidents, to analyse root causes and impact, which helps prevent future incidents. It is essential to collect this data not only at EU-level, but also at national level. The COVID-19 outbreak shows more clearly than ever the importance of securing telecom networks.”

The report published today presents an analysis of root causes, impact, and trends of major incidents. It is the 9th annual report on telecom security incidents.

Key takeaways from the 2019 incidents

  • System failures dominate in terms of impact: this category makes up almost half (48%) of the total user hours lost. It is also the most frequent root cause of incidents. Both the frequency and overall impact of system failures have been trending down significantly over the past 4 years;
  • More than a quarter (26%) of total incidents have human errors as the root cause. Human errors increased by 50% compared to the previous year;
  • Almost a third (32%) of the incidents were also flagged as a third-party failure. This means that these incidents originate at third parties, typically utility companies, contractors, suppliers, etc. This number tripled compared to 2018 when it was 9% then;
  • Looking inside the category of system failures, hardware failures are a major factor: almost a quarter of incidents (23%) were caused by hardware failures and they heavily impacted user hours amounting to 38%;
  • Power cuts continue to be an important factor: being either the primary or the secondary cause in over a fifth of the major incidents.

To access the report, please visit: https://www.enisa.europa.eu/publications/annual-report-telecom-security-incidents-2019

ENISA provides also an online visual tool - CIRAS - giving public access to the full repository of telecom security. This tool gives statistics and anonymized information about the 1200 major incidents reported over the past 9 years.

EECC broadening the scope of the telecom security incident reporting

The New EU telecom legislation, known as the European Electronic Communications Code (EECC), has to be transposed into national law by 21 December 2020.

These new rules are broader in scope, adapting to the changes in the EU’s electronic communications landscape. The new legislation will also cover so-called number-independent interpersonal communications services, such as Whatsapp and Skype. The reporting obligations will cover a broader range of telecom security incidents, including incidents having an impact on confidentiality, availability, integrity or authenticity of the communication networks and the data transmitted via those networks or services.

ENISA is working with the EU Member States to implement these changes. The annual reporting guideline is currently being updated to include new thresholds for the annual summary reporting. The EU Agency for Cybersecurity is also updating the guidelines on security measures.

General observations

National telecom authorities use incident reports for targeted policy initiatives and guidelines: the mandatory reporting helps to identify common root causes. This is how we start finding solutions to mitigate the impact of some of the biggest incidents.

Every year the annual summary reporting at EU level highlights important issues and trends: the national authorities then follow up these issues and trends in more details.

Reporting about threats: under the new provisions of the EECC, important threats will also have to be reported along with incidents. This means there is a clear need for national authorities to exchange information about ongoing attacks and important vulnerabilities, in addition to actual incidents with impact on telecom services.

The current incident reporting does not show the complete telecom security threat landscape: security incidents not causing large network disruptions currently remain out of the reporting obligations.
Background information

Electronic communication providers in the EU have to notify telecom security incidents having a significant impact to the national authorities for telecom security in their country. At the beginning of every calendar year, the authorities send summary reports about these incidents to the EU Agency for Cybersecurity.

Security incident reporting has been part of the telecom regulatory framework of the European Union (EU) since the 2009 reform of the telecom package: Article 13a of the Framework directive (2009/140/EC) came into force in 2011. The breach reporting in Article 13a focuses on security incidents with significant impact on the operation of services, such as outages of the electronic communication networks and/or services. Article 40 of the European Electronic Communications Code (EECC) will replace Article 13a by the end of 2020.

The Article 13a Expert Group was founded by ENISA back in 2010, under the auspices of the European Commission. Its purpose is to bring together experts from national telecom security authorities from across the EU to agree on a practical and harmonised approach to the security supervision requirements in Article 13a and to agree on an efficient and effective incident reporting process.

Warna Munzebrock, a representative of Agentschap Telecom, the Dutch Radiocommunications agency, now chairs the group. The Article 13 expert group meets 3 times per year and its work and deliverables can be found in the Article 13a Expert Group portal hosted by ENISA.

Criminals infiltrating Africa’s booming mobile money industry

A new INTERPOL report has found the billion dollar mobile money industry in Africa is being exploited by organized crime groups – a trend only set to increase as the service is rolled out across the continent.

The ‘Mobile money and organized crime in Africa’ report presents an overview of the criminal exploitation of mobile money services, including fraud, money laundering, extortion, human trafficking and people smuggling, the illegal wildlife trade and terrorism.

The African continent is the “world leader” in the mobile money industry, accounting for nearly half of all registered mobile money accounts globally.

The prominent role that mobile money plays in African societies and economies, and the rapid pace at which its infrastructure has been developed, has enabled criminals to “exploit weaknesses in regulations and identification systems” and commit mobile money-enabled crimes.

Lack of robust identity checks
The report notes that mobile money itself has proven to be a positive force for financial inclusion and economic development in many African countries, and that a more cash-based informal economy can sometimes present even graver challenges to law enforcement.

However, a lack of robust identity checks to verify users combined with a need for greater law enforcement resources and training on mobile money-enabled crimes have created a financial system distinctly vulnerable to criminal infiltration.

Types of ID required to register for a mobile money account are not standardized across Africa and acceptable documents range from national identity cards to company IDs, tax certificates and drivers licenses.

While such a broad spectrum of acceptable IDs benefit the growth of mobile money services, it also increases their vulnerability to fraud, money laundering and other crimes.

In parallel, despite progress in conviction rates for mobile money-enabled crimes, the technical expertise and equipment required to complete investigations can prove difficult to integrate into the court process.

“The time to act is now”
With mobile money poised for even greater growth in Africa, unless the vulnerabilities are addressed, these services pose a significant threat to consumers and national security.

By 2025, smartphone user rates in Sub-Saharan Africa alone are projected to rise from roughly 39 per cent today to 66 per cent. Higher smartphone adoption, combined with a wider array of mobile money services on offer, will likely increase the number of transactions performed through smartphone apps.

“The evidence shows that criminals are already exploiting mobile money services in Africa. The anonymity that these services too often allow and the technical nature of the industry also present a challenge to law enforcement in investigating and prosecuting these crimes,” said Cyril Gout, INTERPOL Acting Director of Operational Support and Analysis.

“This report emphasizes the need to act is now. By addressing the vulnerabilities highlighted by Project ENACT, we can ensure that the mobile money industry continues to grow throughout Africa without being compromised by those who seek to undermine it,” added Mr Gout.

Project ENACT
Through ENACT, INTERPOL assists police in Africa to adopt proactive strategies to combat organized crime threats, facilitate information exchange and enhance investigative skills.

Project ENACT is the first initiative of its kind to cover the entire African continent in analysing the scale of organized crime and its impact on security, governance and development. This analysis serves to inform decision-makers and strengthen law enforcement cooperation at regional and continental levels.

Project ENACT is funded by the European Union and implemented by INTERPOL and the Institute for Security Studies, in partnership with the Global Initiative Against Transnational Organized Crime.

Telos ID to provide Transportation Security Administration (TSA) with improved background checks for airport workers

Telos ID has announced that the Port of Seattle has contracted with Telos ID to provide Transportation Security Administration (TSA)-approved Designated Aviation Channelling (DAC) services for processing worker background checks at Seattle-Tacoma International Airport (SEA).

Telos ID’s DAC services improve data integrity, increase the efficiency of credentialing operations and reduce costs. DAC services enable submissions of workers’ biographic and biometric data to conduct background checks, including subscriptions to the FBI Rap Back program, for individuals working in secure areas of U.S. commercial airports. Telos ID has been supporting SEA with DAC services since 2016, and with recent selection to continue services, will do so for an additional ten years. SEA uses the DAC via integration with its identity management system (IdMS).

“The DAC services deployment at Seattle-Tacoma International Airport is notable for its size and scope, specifically the integration with SEA’s IdMS, enabling efficient biographic, biometric, and Rap Back transmissions,” said Dawn E. Lucini, vice president of aviation security, Telos ID. “With a large badge holder population, we have streamlined the TSA-required aviation worker background check process, while upholding the high security and customer service standards at SEA.”

As an encrypted, web-based solution, Telos ID’s DAC services meet TSA and Department of Homeland Security (DHS) requirements for handling personally identifiable information and biometrics. Its modular design supports each airport’s and air carrier’s needs, and users can perform multiple functions on one platform.

COVID-19 pandemic highlights submarine cables as critical infrastructure

“Submarine cables are crucial infrastructure and have been vital in helping us get through this pandemic together,” said Keith Schofield, General Manager, International Cable Protection Committee.

For many years now, the submarine cable industry has been at the heart of international connectivity, providing data avenues that span continents and unrivalled capacity. Despite this, the industry’s fundamental contribution to the telecoms sphere is often overlooked.

But now, during the coronavirus pandemic, the critical nature of the subsea cable industry has come to the fore, proving once and for all that they are undeniably critical infrastructure all over the world. But responding to the demands of the crisis has not been easy.

[Source: Total Telecom]

Nigeria declares telecoms facilities critical national Infrastructure

In response to the yearnings of industry stakeholders to declare telecom facilities Critical National Infrastructure, President Muhammadu Buhari, has finally approved and also directed that necessary physical protective measures be put in place to safeguard telecommunications infrastructure deployed across the country.

This followed a proposal by the Minister of Communications and Digital Economy, Dr. Ibrahim Pantami, to the President to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

Recall that telecom operators and industry players had over the years been consistent in their demand for the Federal government to declare all telecoms facilities across the country critical national infrastructure but their request was never heeded to, leading to frequent vandalization of telecoms infrastructure in various parts of the country.

The Nigerian telecommunications industry, depends on a number of infrastructure that play a critical role in the smooth delivery of telecoms services.

These are part of Critical National Infrastructure (CNI) because of the important role they play, in ensuring security and in the delivery of other essential services.

As part of the policy of the Federal Government of Nigeria, the Minister of the Federal Ministry of Communications and Digital Economy, Dr Isa Ali Ibrahim Pantami, decided to champion the efforts to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

With the presidential directive, the Minister said the Office of the National Security Adviser (ONSA), Defence Headquarters (DHQ), Nigeria Police Force (NPF), Department of State Security Services (DSS) and the Nigeria Security and Civil Defence Corps (NSCDC), have been notified of Mr President’s directive and are expected to enforce same as directed.

While, appreciating the security institutions, and commending them for their commitment in securing these infrastructure, he noted that the ministry are also working towards the reinforcement of the directives through appropriate regulatory instruments.

“The implementation of the National Broadband Plan (NBP) and the implementation of the National Digital Economy Policy and Strategy, both unveiled by Mr. President, have repositioned the ICT sector.

“This is evident by the recent ‘Nigeria’s Gross Domestic Product Report’ released by the National Bureau of Statistics (NBS) which showed that the ICT sector contributed an unprecedented 14.07% to the total real GDP in the first quarter of 2020.

“The Minister is truly grateful for the timely approval of President Muhammadu Buhari, and we are confident that this will address the challenge of vandalism of our Critical National Infrastructure.

“It will also go a long way in supporting the implementation of the National Broadband Plan (2020-2025),” the Minister said.

He however, urged the Mobile Network Operators (MNOs) to ensure that they further reduce the price of data and calls for citizens to reciprocate the government gesture.

He also advised them to submit a comprehensive list of their facility locations all over the country.

[Source: Today Nigeria]

Statement from Attorney General William P. Barr Regarding the U.S. Department of State Global CTO Roundtable on 5G Integrated and Open Networks

Attorney General Barr issued the following statement:

“The United States and our partners are in an urgent race against the People’s Republic of China (PRC) to develop and build 5G infrastructure around the world.  Our national security and the flourishing of our liberal democratic values here and around the world depend on our winning it.  Future 5G networks will be a critical piece of global infrastructure, the central nervous system of the global economy.  Unfortunately, the PRC is well on its way to seizing a decisive 5G advantage.  If the PRC wins the 5G race, the geopolitical, economic, and national security consequences will be staggering.

The PRC knows this, which explains why it is using every lever of power to expand its 5G market share around the globe.  The community of free and democratic nations must do the same.

To compete and win against the PRC juggernaut, the United States and its partners must work closely with trusted vendors to pursue practical and realistic strategies that can turn the tide now.  Although the ‘Open RAN’ approach is not a solution to our immediate problem, the concept of Integrated and Open Networks (ION), which was the topic of yesterday’s roundtable, holds promise and should be explored.  We can win the race, but we must act now.”