技术信息: 服务提供商的安全漏洞 Service Provider Security Breaches

The Growing Challenges of Service Provider Security Breaches (服务提供商的安全漏洞)

 

By Marc Meulensteen On February 4, 2014

 

首先，我们需要来看看安全漏洞是如何发生的。有许多不同的方式能够让服务提供商很容易受到安全性的破坏。最明显的是实际服务和直接相关的设备的脆弱性。当SNC ，类似以前的PABX或电话交换机，遭到了DDoS的攻击，而造成停止工作。这将关闭手机流量并造成收入损失，另外公司形象受损，更糟的是由于安全漏洞所造成的公共危险。另外的弱点可能深藏在网络内，或是网络底层的装置，像路由器或者交换机。此外当一个核心路由器受到攻击时，它会停止工作并致使整个地区没有服务。这种攻击的后果可能是灾难性的。

 

In light of recent high-profile security breaches, new rules and regulations regarding breach reporting have been in the spotlight lately. While some service providers and Internet Service Providers (ISPs) have protested the new directives, the larger question is, “What can operators do to protect themselves and their customers?”

 

First, we need to take a look at how security breaches happen in the first place. There are many different ways service providers are vulnerable to security breaches. The most obvious is the vulnerability of the actual service or device directly related to the service. When a SNC, similar to the ancient PABX or phone switch, gets attacked by a DDoS, it stops working. This shuts down phone traffic causing revenue loss, image damage, and worse—public danger due to the security breach.

 

Another vulnerability resides deeper in the network, or lower on the OSI model within a network device and/or a router or switch. When a core router is under attack, it stops working and an entire region is without service. The fallout from such an attack can be devastating.

 

Additionally, network traffic is increasing, yet bandwidth usage is fixed. The mobile experience is exploding and the wealth of applications running on mobile devices, laptops, computers, etc. are all competing for bandwidth. This traffic makes it easier for hackers to overload and attack a system.

 

So, how do service providers protect themselves and their customers? Security is a trade-off between performance, functionality, and profit on one side and protection and risk on the other. You can protect a system 100% by disconnecting it from the Internet, disabling all external connections like USB, Bluetooth, Ethernet etc., but that’s the same logic as protecting your new car by leaving it parked in the garage.

 

A realistic, yet comprehensive approach to security involves awareness and strong security policies at various organizational levels. A technology solution with next-generation firewalls is a must, as well as, protection for crucial network devices such as core routers. Testing is key. Devices must be tested for risk prior to deployment. Service providers must perform regular penetration testing, essentially simulating an attack on its own network before the hackers do. This enables them to identify potential security risks and fix them before data breaches occur.

 

How confident are you about the safety of your network?