Nokia released its tenth
Threat Intelligence Report
which shows that cyberattacks on telecom infrastructure are
accelerating, as cybercriminals increasingly harness Generative AI and
automation to increase the speed, volume, and sophistication of their
attacks.
Among the report's key findings:
- DDoS: The number and frequency of
Distributed Denial of Service (DDoS) attacks, which can overwhelm telco
infrastructure with traffic and make it inoperable, have grown from one
or two a day to well over 100 per day in many networks.
- Bots: Botnets continue to be the primary source of
DDoS attack volume, representing about 60% of DDoS traffic monitored by
Nokia from June 2023 to June 2024. During that time period, residential
proxies became a prominent tool for more advanced application-layer
attacks.
- Regions: North America has seen the highest number
of cyberattacks - accounting for about one-third of the total - due to
the concentration and scale of telecom infrastructure and large
enterprises in the United States.
A botnet is a network of computers and devices controlled and
used by cybercriminals for launching malicious activities, such as DDoS
attacks and the theft of personal and sensitive information.
Reflecting a trend of recent years, the growth in DDoS attacks has
been fueled by the proliferation of hundreds of thousands of insecure
IoT devices, ranging from smart refrigerators to smartwatches, which
often have lax security protections and have gigabit and multi-gigabit
broadband capacity that facilitate the spread of malware. The most
common malware in telecommunication networks was found to be a bot that
scans for vulnerable devices, with weak encryption, passwords, or design
flaws.
East Asia also faces significant data leaks due to inadvertent
exposures by companies themselves, while Western Europe contends with a
mix of cyber espionage and financially motivated breaches, according to
the Threat Intelligence Report.
Even as Generative AI enables faster, more sophisticated attacks,
communication service providers are increasingly using the same
technology to improve their response times and effectiveness against
cyberthreats.
Another threat concerns System-on-chips (SoCs), hardware-integrated
circuits that incorporate computer components that drive higher
computing and network performance and minimize power consumption.
Cybercriminals are increasingly targeting SoCs to exploit
vulnerabilities in various components, such as firmware, software, and
hardware interfaces.
Quantum computing is another example where new threats are emerging.
Organizations like the National Institute of Standards and Technology
(NIST), which recently standardized the first algorithms that will form
components of the world's approach to counter the potential threats of
quantum computing, are continuing to help shape security strategies
globally.
The Threat Intelligence Report is compiled by Nokia's Threat
Intelligence Center, the Nokia Cyber Security Center, the Nokia Security
Operations Center, and the Nokia Deepfield Emergency Response Team
(ERT), the company's industry-leading IP network and DDoS security
experts.
Rodrigo Brito, Head of Security, Cloud and Network Services at Nokia, said:
"The use of Generative AI and automation for nefarious purposes is
leading to a stepwise increase in malicious actors' capabilities and
threat potential. The Threat Intelligence findings further reinforce the
need for operators, vendors, and regulators to work more
collaboratively to develop more robust network security measures,
practices, and awareness."