Insider risk has continued to show relevance in all industries. Customer information held by telecommunications organisations is highly targeted by attackers. Insiders have increasingly become the medium through which attackers pursue their goals. Organisations must progress beyond orthodox security measures to tackle such threats.
Why are telecommunication companies affected by insider risk?
Because they have extensive information on their customers, including personal and even financial data as well as online behaviour information based on communication patterns.
Telecom insiders are often cellular and internet service provider employees. In many cases, insiders are used to deliver subscriber and company data. Such insiders can remotely reroute, intercept, and manipulate incoming calls and messages of customers. This increases the probability for a wide array of insider acts such as SIM card duplication/illegal reissuing, network mapping and man-in-the-middle attacks.
External actors are increasingly attracted to insiders for a variety of reasons:
- Employees already have authorised access to critical telecom data and networks
- Employees know how the company’s network device function and can easily identify vulnerabilities
- Employees may know about security measures and how to circumvent them
- Employees in the telephony and internet industries are the most affected by human errors