Cyber attacks in the area of telecommunications

The free exchanging of information is leading to new risks in the communications environment

In the telecommunications sector, every new order starts with detailed research on the internet. In contrast to banks or the public sector, all of the domains, including those with a low security status, also have to be accessible. This enables malware or viruses to be transferred rapidly to company systems, and the only thing that can stop them being sophisticated data protection systems.

The securing of the internal network is therefore a key priority of the data protection. These are the most sensitive variety of data segment and it is frequently the case that they do not have sufficient protection against cyber threats.

Current IT risks in the telecommunications sector

The conventional technology can slow the data traffic down

Firewalls, virus scanners, filters and encrypted ports are no longer sufficient for being able to respond to cyber threats sufficiently effectively. Since higher tier services also fail to offer sufficient protection, a combination of a firewall and honeyBox® is recommended.

Then there is the problem that active solutions can slow the circulation of the data down and impair the flow of data. Conventional IDS can cause speed-related problems with the internet connection. As a passive solution however, the honeypot appliance offers flawless protection without impairing the network traffic.

Where protection by the honeyBox® is required

To provide the necessary protection, a different approach is required

The increased networking of data communications is posing a challenge to IT security in the media in particular. The data traffic should remain unhindered, and sensitive data segments should be well protected against attacks from cyberspace. At the same time, the complexity of the data should not be further increased through the protection provided by a IT security solution. Ideally, this means that the requirements of the governmental sector are covered by a passive solution which requires as little installation and operational effort as possible. If such a solution operates in the background, the data communications will be uninterrupted. The solution should be easy to operate without the need for in-depth knowledge of IT security and as far as possible, not issue any false positives.

All of these conditions are satisfied by the honeyBox® honeypot appliance without exception. For the sustainable protection of your IT, security experts therefore recommend the use of the honeyBox® in your network.

The honeypot technology convinces due to its benefits, which are based on an unconventional approach. Honeypots work according to a simple principle: they attract unwelcome visitors to your network who aren't recognised by a firewall or IDS/IPS to a virtual trap.

In contrast to a firewall, which is a hurdle that hackers from cyberspace are able to overcome, honeypots are simulated servers which have a low security status in comparison with other servers. They therefore appear easily accessible and are therefore attractive to hackers. Without being aware of it, the attacker falls into a virtual trap, while the rest of the system remains protected and an alarm is raised.

APT - The underestimated threat from the cyber sphere

An APT (advanced persistent threat) is the name given to a targeted attack that is carried out by experienced hackers to large-scale networks or systems and the associated theft of data or manipulation of systems over an extended time frame.

Hackers of this kind take a targeted and long term approach to their attacks, which are also configured on a sophisticated basis, making them hard to detect. According to the BSI, research suggests that it takes an average of 87 to 229 days for an attack to be discovered. In extreme cases, it can take 2 to 3 years.

Using the honeyBox® can prevent such a scenario. The honeyBox® is capable of revealing and reporting these attacks. In this context, unwanted visitors are attracted to a virtual trap and an alarm is raised.

A monitoring of your LAN with IDS/IPS is insufficient

Companies require reliable data about the security status of their network. With IDS/IPS, this cannot, on the whole, be achieved. In contrast to this, with honeypots it is, on the whole, possible to detect cases of unauthorised access.

Situation: You do not use comprehensive monitoring in your LAN. Attacks to your internal systems can, however, cause considerable damage.

Implementation: With the use of the honeypot appliances, you rapidly gain a solution which can be used in order to detect internal attacks to your LAN. This makes changes to the network structure unnecessary.

The result: through the detection and possible logging of attacks, you receive up-to-date notification on whether hackers are active in your network. If required, you can introduce steps so as to contain and analyse the attack.