This programme is designed to establish colocation and ecosystem partnerships, empowering members to expand their product portfolio & offerings alongside their market presence including an expanded data centre footprint.

ADC Channel presents a unique opportunity for global carriers, Internet Service Providers (ISPs), system integrators, Data Centres, Mobile Network, Content Developer, telecommunications companies, network infrastructure operators, hyperscalers and others to deliver state-of-the-art, sustainable and cost-effective digital solutions to their clients.

The primary objective of ADC Channel is to foster collaboration amongst partners, facilitating the delivery of optimised solutions and comprehensive support to clients.

Partners enrolled in ADC Channel will benefit from a flexible approach that accommodates various partnership and go-to-market (GTM) models.

Finhai Munzara, CFO of Africa Data Centres, emphasises that the benefits of the ADC Channel programme extend to all types of partners.

“Our facilities are designed with the needs of hyper-scale, wholesale & enterprise clients in mind, catering to their technical, operational and commercial requirements. Whether it’s greenfield projects, built-to-suit facilities, powered shells, dedicated halls, or hybrid colocation, we offer flexible, scalable and sustainable solutions that suit partners of every kind,” Munzara said.

He elaborates on the advantages of becoming an Africa Data Centres Partner.

Firstly, clients gain an additional product offering & footprint to augment their existing portfolio, enabling them to offer bundled solutions.

This not only enhances their current revenue streams but also positions them for further growth & retention with both existing and future customers.

Africa Data Centres has also developed ADC Marketplace, a pioneering platform designed to empower partners and customers across the continent.

This innovative marketplace provides a dynamic space for partners to showcase their services and for customers to explore offerings, fostering collaboration and visibility within the African tech community.

Offering unmatched connectivity and growth opportunities, the ADC Marketplace stands as the ultimate platform for African enterprise organisations and tech companies seeking to thrive in today’s digital landscape.

Partners stand to benefit from reduced churn, as colocation is inherently a ‘sticky’ product with minimal price erosion.

By offering best-of-breed colocation services from Africa’s leading data centre provider, partners can differentiate themselves from competitors.

Partners will also enjoy seamless access to data centre experts, continuous commercial and technical support, and regular, complimentary training for their sales and product teams.

Furthermore, partners face no financial risk, as participation in the channel programme requires no investment and entails no capital expenditures for building data centres.

Partners can also leverage flexibility in setting their selling prices and receive significant upfront discounts, further bolstering their competitive advantage.

Exclusive benefits include competitive pricing, dedicated sales & Presales Teams, Remote Hands support and access to joint marketing resources & activities, enabling partners to thrive in the marketplace.

Munzara emphasises that ADC Channel programme  epitomises Africa Data Centres’ commitment to fostering collaborative growth and innovation.

“It serves as a platform for clients to enrich their product portfolios and seamlessly extend their business across diverse ecosystems with openness and transparency.” Africa Data Centres warmly invites partners to embark on this transformative journey towards shaping the future of digital connectivity in Africa.

“The programme prioritises mutual growth, leveraging Africa Data Centres’ profound industry expertise and extensive infrastructure,” Munzara concludes.

The very technology that connects us may also be our weakest link. That’s the message from Enea’s recent handbook, which outlines how mobile signaling – the silent operator behind our calls, messages, and data transfers – might also be the Achille’s heel of our digital age.  

 Why is this so crucial? Because a breach in mobile signaling doesn’t just mean a dropped call or a delayed text.

It can lead to unauthorized access to user data, intercepted communications, and even state-sponsored espionage. The cyber warfare tactics employed in the war in Ukraine are a chilling testament to this, where the digital environment has overlapped dangerously with the physical battlefield. 

 These risks are explored in detail in a new handbook authored by Rowland Corr, VP & Head of Government Relations at Enea.

The handbook is titled “Why Signaling Security Will Make or Break Mobile Network Resilience: A Handbook for Mobile Network Regulators and Operators” and was written to give regulators and operators an understanding of the fundamentals of signaling and the associated vulnerabilities.

Here are some of the topics covered: 

The First Real Cyberwar

As the report starkly puts it, “We are now witnessing the first real cyberwar.” The Russian effort to exploit vulnerabilities in network signaling systems has been a significant but underreported element of the digital onslaught against Ukraine.

This warfare underscores the intricate relationship between mobile telecommunications, signaling, and critical infrastructure. 

What is Mobile Signaling

An overview of the role that signaling plays in the mobile ecosystem and why this has historically been left out of the cybersecurity conversation. 

The Vulnerability of Signaling Systems

Mobile signaling, especially the still ubiquitous Signaling System 7 (SS7) protocol, is riddled with vulnerabilities exploited by state-level threat actors in offensive cyber operations worldwide.

Today, the exploitation of  signaling vulnerabilities involves threats to confidentiality and integrity as well as to availability of data and services across all mobile generations.

The comparatively low maturity of recognition, reporting requirements and resourcing addressing signaling undermines cyber resilience and poses a unique threat to national security as victims are uniquely powerless to protect themselves.  

The Need for a High Benchmark

Basic or so-called baseline security measures are not enough. The key to enhancing signaling security lies in establishing a high, common benchmark for protection.

This involves moving beyond static configurations and adopting a proactive, adaptive, and aligned approach to cyber defense.  

Operator Blindspots:

Many operators today lack fit for purpose signaling protection to detect significant incidents. Without mature incident reporting frameworks and the capabilities to support them and make threats visible in the first place, telecoms threat sharing will remain nascent and ultimately  ineffective while hostile targeting campaigns and data leakage go undiscovered 

A Call for a Mission-Oriented Approach

The handbook emphasizes the need for a mission-oriented approach that brings together private, public, and tertiary sectors.

This approach should be aligned with the interests of civil society to transform our approach to communication and connectivity.  

 In a world underscored by mobile connectivity, it’s essential that the very networks that uphold this connectivity are fortified against threats.

Enea’s handbook is a clarion call to operators, regulators, and the industry at large, emphasizing that when it comes to mobile network resilience, signaling security is not just a technical concern—it’s a matter of global safety. 

Dive into the full handbook to understand the intricacies of mobile signaling and the urgent actions needed to safeguard our interconnected world. 

[Source]

[Featured Image Credit]

Threats facing mobile operator networks:

1. Voice fraud
2. SMS misuse and attacks
3. Signaling security risks (SS7)
4. 5G legacy and its vulnerabilities
5. Network slicing security flaws
6. 5G IoT security vulnerabilities

Mobile internet use has reached 55% of the world’s population, according to the Global System for Mobile Communications Association (GSMA), and by the end of 2021, 4.3 billion people were using mobile internet.

Across the world, mobile internet users are increasingly dependent on their mobile phones for a range of business and personal activities. Unfortunately, mobile network threats come with this territory.

Mobile usage has attracted unwanted attention from criminals who try to disrupt communication services or change, destroy, or steal data.

These cybercriminals usually exploit device or network vulnerabilities to penetrate networks. Subscribers and regulatory bodies demand high-quality service (QoS) from their mobile providers, including a stable and secure network connectivity service.  

In this fast-paced environment, it’s increasingly challenging for mobile network operators to provide the best protection to subscribers.

This article outlines some of the most common mobile network threats and what chief security officers and their teams can do to prevent them. 

1. Voice Threats

With the total number of voice-over-5G users predicted to grow to 2.5 billion by 2026, it is anticipated that voice fraud will also rise. Such fraud attacks could include vishing (voice phishing), number spoofing, Wangiri fraud, and SIM Box fraud.

The existence of the iSpoof website is a good indicator as to how voice fraud has been developing. Before its takedown in November 2022, the malicious website sold bad actors the tools to commit voice fraud.

The ‘products’ sold on the iSpoof platform included pre-built vishing scripts – phishing attacks-as-a-service, and the ability to manipulate Calling Line Identity (CLI), enabling attackers to spoof numbers. The availability of these ready-made tools at the convenience of attackers is a testament to how widespread voice fraud has become.

Operators also face threats to their revenues with flash calls being utilized for authentication services. As flash calls incur no call charge, and in many cases can replace methods like A2P SMS authentication, operators’ revenues may suffer. 

In light of these developments in voice fraud, operators should invest in a voice firewall to address the growing challenge of protecting subscribers. Proactively taking steps to tackle voice fraud attacks will be critical for operators going forward, to maintain brand reputation and protect revenues.   

2. SMS Misuse and Attacks

There is a huge range of SMS attacks and other forms of misuse on networks. Many misuses will continue to exist, because the protocols and interfaces that enable SMS in 5G remain the same. The following are some of the 5G SMS misuses mobile networks must deal with:

• Unsolicited SMS messaging
• SMS phishing (or smishing)
• Premium SMS fraud
• Mobile Malware Propogation via SMS
• Surveillance and information retrieval via SMS
• Denial of Service
• SMS interception
• Grey routes
• New 5G attack vectors

As explained in the Messaging for the Future: Securing SMS in 5G white paper, as SMS messages traverse different protocols and generations, a holistic security approach needs to start by mapping out potential entry points and security zones for individual networks.

Then, the vulnerabilities of these entry points should be validated to see if and how those entry points can be exploited. This will enable operators to evaluate ways of detecting attackers, filtering out malicious messages and stopping signaling attacks.  

3. Signaling Security Risks

Signaling networks using protocols such as SS7, Diameter, and GTP-C are under threat from adversaries and fraudsters, who exploit loopholes in the protocols across the global interconnect.

This enables attackers to breach subscriber privacy, deny access to key services, and defraud mobile operators. Since the war in Ukraine began, Enea has uncovered evidence of state-sponsored attacks on mobile networks. 

Mobile operators urgently need to implement an effective signaling firewall and employ threat intelligence to ensure ongoing trust in their networks. If steps aren’t taken to secure signaling infrastructure, attacker’s will find vulnerabilities to exploit, and operators risk their brand reputation, customers, partners, and revenues.  

MNOs must select the right signalling firewall vendor to secure their networks. Operators should look for a combination of a carrier-grade signaling firewall, advanced reporting, and global threat intelligence.

The solution must go well beyond just blocking current attacks on the network. It should have capabilities to react to emerging threats, which seek to bypass standard SS7, Diameter, and GTP-C firewalls.

4. 5G Network Legacy and New Vulnerabilities

The GSMA reported that 5G networks have been deployed in more than 70 countries by nearly 200 operators, covering almost one-third of the world’s population. It is predicted that by 2025, there will be 2 billion 5G connections globally. 5G network security is more complex than previous mobile technologies, as networks have become more virtualized, disaggregated, and cloudified, making them more vulnerable to intrusions. 

5G architecture comes with significant vulnerabilities, which, if left unaddressed, could be exploited by cybercriminals.

The fundamental vulnerability enables three main attack scenarios: user data extraction (e.g., location tracking), denial of service against another network function, and access to a network function and related services of another vertical partner from network slicing. 

When it comes to securing 5G networks, trust shouldn’t lead your security strategy. Operators have to be able to constantly and proactively monitor activity, discover and block threats, and most of all they need to react fast to any intrusion.

5. Network Slicing Security Flaws

Network slicing involves the virtual partitioning of the RAN and core to create ‘slices’ of the network that can be tailored to specific use cases. Our research shows that 5G network slicing contains some major security flaws that could enable attacks such as Denial of Service (DoS), location tracking, as well as fraud / data leakage. 

Notably, DoS attacks could be more damaging in a 5G environment, as we see more 5G use cases with enterprise partners. Many mobile network operators now count governments among their customers, and attacks could reach parts of critical national infrastructure, such as energy, health, transportation, public services, and manufacturing.  

To prevent potential DoS attacks within 5G network slicing, we recommend using an enhanced filtering and validation approach that combines information from different layers and protocols and integrates external threat information.

This filtering and validation approach divides the network into security zones and safeguards the 5G core network. Cross-correlation of attack information between those security network functions maximizes 5G network protection against sophisticated attackers and allows better mitigations and faster detection while minimizing false alarms.

Standardization is important, but waiting for standardization to improve security might not always be a timely solution, as we can see from the timeline of the 3GPP Release 17 Code freeze in 2022. 

6. IoT Security in 5G

Because of the Internet of Things (IoT), there will be a greater number of devices connecting to the 5G networks and high-value critical devices like cars. This means that security methods designed for mobile phone devices are no longer a suitable approach.

To deal with the IoT security risks and other risks that may arise for 5G networks; we make three recommendations:

• The first recommendation is that mobile operators correlate and pool all the security information they have from the old mobile networks and the new 5G mobile network. This will give mobile operators a complete picture and improve security on all levels.
• The second recommendation is that mobile operators focus on intelligence and analyze what is happening on their new networks to understand the nature of attacks, build defenses to stop them, and give users confidence that future attacks will be blocked
• The final recommendation is that mobile operators adopt a security mindset with the 5G network as this network will not only be a piece of national critical infrastructure but also connect other critical infrastructure like transport, water, and electricity.

To protect this infrastructure, it will not be sufficient for mobile operators to implement specifications. They will need to maintain, monitor, and update these systems to block network attacks. This may require a change in the network mindset for many operators.  

Conclusion

This is not an exhaustive list of all the risks that MNOs face. Other threats include vulnerabilities associated with open-source software development, supply chain vulnerabilities, third-party cloud services, or simply exposure to human error. 

As 5G networks are fully deployed in every aspect of our economies, we believe risks will increase at different layers, from vertical industry to the massive use of IoT and core network-related 5G security issues. Mobile networks are now part of the strategic infrastructure with ramifications for every economic sector. This is why regulators increasingly require mobile networks to be more proactive against threats. 

MNOs should be able to anticipate threats to their networks, so they can provide a safe and secure connectivity environment for their consumers, enterprise, and government customers. Competing on price and speed is a race to the bottom and a losing strategy, given that MNOs must continue investing in infrastructure, new technologies, and better customer service.

Thus, security is becoming a cornerstone of MNOs’ strategy and differentiation from other MNOs. 

By implementing the right defenses and keeping up to date with the global threat landscape through a threat intelligence system, chief security officers, directors of engineering, and their teams can ensure the network is always safe and reduce the potential for economic losses and reputation damage.

The result will be a boost in net promoter scores and a formidable marketing tool for the MNOs. Speak to one of Enea AdaptiveMobile Security’s specialists to learn how we can help you enhance your network security.

About the writer

Caitríona Grant is a recent graduate of the National University of Ireland, Galway, where she completed a bachelor’s degree in global commerce. As part of her degree, Caitriona studied abroad in Canada and worked as a marketing intern back in Ireland. Over the course of her studies, she developed a passion for both marketing and cybersecurity, specialising in marketing in her final year. Caitriona is now working as a marketing assistant at AdaptiveMobile Security, a role that marries both of her passions.

[NB: This post was first published on Enea‘s platform]