BlackBerry Ltd.

10/31/2024 | News release | Distributed by Public on 10/31/2024 10:27

The Hidden Risks in Telecom Networks and How to Safeguard Your Organization

The Hidden Risks in Telecom Networks and How to Safeguard Your Organization

The recent breach of major telecom provider networks is a warning sign for your organization. It reveals a level of risk most never intended to take: the risk that secrets that give you a competitive advantage - in the marketplace or on the battlefield - could be too easily exposed. Public telecom networks are primarily designed around reachability, which means security trade-offs often take place.

If your organization requires confidential communications, you should look to a method that allows you to control your own communications infrastructure. NATO, the US government, Canada, Malaysia and many other complex businesses and governments, rely on BlackBerry's SecuSUITE® to communicate confidently and securely despite recent threat actor attacks.

In my role, I travel the world speaking about the risks of compromised mobile communications and I'll share some of my views here on the most recent situation.

Telecom Breach: What Did Nation-State Threat Actors Acquire?

Chinese government-linked hackers are being implicated in a sweeping cyber-espionage campaign targeting major telecom companies and then leveraging that access to target the data coming from the mobile phones of prominent figures like former President Donald Trump and vice-presidential nominee JD Vance and according to CNN, officials related to the Kamala Harris presidential campaign.

U.S. federal law enforcement is investigating and there is surely more to come, but so far, we've learned that threat actors reportedly intercepted audio calls and SMS messages of U.S. political officials and mined mobile communications metadata which is a treasure trove for threat-actors.

Secure Communication Gaps in Public Telecommunications Networks

This attack against telecom providers reveals vulnerabilities in the telecommunications infrastructure and raises concerns about the effectiveness of current cybersecurity measures.

As I mentioned previously, public telecom networks are primarily designed so that any number can easily call or text any other number in the world. This implies that automated interconnections must exist between the networks of all the carriers worldwide. While this is core to the value that telecom networks provide to consumers it also means that security trade-offs must take place. The most significant one is around identity, and specifically around the lack of identity validation, in the public networks. Identify spoofing and spam communications are endemic and almost impossible to stop.

Here's something else that is very concerning: The carrier-interconnect cellular-roaming protocols introduce the ability for potentially malicious carriers to redirect and intercept cellular connections for any phone number without the end user being aware this has occurred. This has led to the existence of criminal entities that provide call interception as a service. Now your adversaries or competitors can intercept your communications, even if they lack the skills to do it, because they can hire someone who knows how.

When executives, government leaders, law enforcement and military are communicating, these are risks they face in this modern era.

How Do Threat Actors Use Stolen Metadata from Mobile Communications?

When someone gets access to carrier metadata such as CDR (call detail records) or MDR (message detail records) they can build out contact graphs of who is communicating with whom, when they are communicating and with what frequency.

This type of information can be extremely valuable for a threat actor. There have been numerous public reports over the past decade of carriers being hacked and having their metadata stolen. The most recent example was this past summer when AT&T announced that all the metadata for their cellular customers over an extended time had been compromised.

This not only effected AT&T customers but everyone worldwide they had communicated with.

In addition to the intelligence value of the call patterns, a breach like this increases the risk of identity spoofing that can be used in targeted attacks. With the metadata, bad actors can now specifically spoof telecom subscribers with numbers they have been communicating with already.

In the case of the Verizon network being infiltrated, the situation is even more concerning, since rather than retrospective analysis of metadata, the culprit now has real-time visibility into this information and can track it by individual subscribers.

For example, if a political candidate is communicating with another subscriber in an unexpected manner - like frequency, time of day, length of calls and more - then the bad actor can likely extract real-time intelligence from that and use it as input into their other malicious digital activities.

This scenario can also provide threat actors with the ability to tune their focus on additional subscribers which increases the overall amount of intelligence they can gather. For example, it may make it possible for them to "out" a high-profile supporter of a candidate who had been trying to remain out of the public view. In the hands of a sophisticated adversary that could lead to numerous consequences, including blackmail attempts.

Metadata can also be used in "wire-tapping" type targets, especially metadata generated by communications via "free" apps for voice calls and messaging. This is easily traded, fueling "wire-tapping-as-a-service" markets that are readily available for purchase on the internet.

Organizations Must Deploy Certified Mobile Security Tools

The solution to mobile security gaps lies in certified cryptographic authentication, which is crucial for ensuring secure communication channels, protecting your metadata, and preventing identity spoofing, identity fraud, and deepfakes.

You can find this protection in BlackBerry's SecuSUITE, which mobilizes high security voice and messaging for iOS® and Android™. It has multiple NIAP (Common Criteria) certifications and is listed as a Commercial Solutions for Classified (CSfC) compliant product to meet the highest security requirements for the U.S. Federal Government and the broader Five Eyes intelligence alliance.

I believe it's time for more governments and campaign teams to prioritize secure, military-grade communication solutions that ensure full sovereign control over data to prevent eavesdropping, unauthorized access and espionage.

Any solution you consider should provide end-to-end encryption for voice calls and messages and enable secure one-to-one and group communication across international networks.

Additionally, protecting calls from foreign networks to standard mobile or VoIP phones is essential in today's uncertain geopolitical climate. Implementing these measures will significantly strengthen the protection of sensitive information, enhance national security, and help uphold the integrity of democratic processes.

Learn More About BlackBerry's SecuSUITE

Having high security voice and messaging for iOS and Android is possible around the clock and around the globe with BlackBerry. Join the world's largest and most secure organizations who use BlackBerry's SecuSUITE to defend against espionage and interception attacks. Reach out for a conversation or learn more here.

For similar blogs and news delivered right to your inbox, please subscribe to the BlackBerry Blog.

About David Wiseman

Vice President Secure Communications, BlackBerry

David Wiseman is the head of BlackBerry's Secure Communications business unit, providing secure mobile voice communications for North American governments, with responsibility for sales, marketing and partnerships.

Back