SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
AT&T data breach shows 3rd party security risks: SecurityGen
Thu, 30th Mar 2023

The security breach at a third-party marketing partner of US telecom operator AT&T led to the information of nine million AT&T customers being exposed. It highlights the risk to telecom operators from security vulnerabilities at third-party partners, according to Dmitry Kurbatov, co-founder and chief technology officer of SecurityGen, the provider of security solutions and services for the telecom industry.

Furthermore, the potential risk from third parties is set to increase with the growth of 5G and evolving ecosystems of developers, service providers and non-telecom players working together on new 5G products and services.

Commenting on the AT&T incident, Kurbatov says, “Supply chain attacks have become increasingly common and dangerous in recent years. In a supply chain attack, hackers target a company's vendors, partners, or other third-party providers so as to gain access to its systems or data. These attacks can be particularly difficult to detect and defend against, as companies often have only limited visibility of the security measures of their suppliers and partners.”

In the case of AT&T, the marketing vendor was likely targeted through a phishing email, a common tactic used by hackers. Once the hacker accessed the marketing vendor's accounts, they could have easily obtained more sensitive customer data.

“While this incident is referred to as a supply chain attack, it's important to consider that the data of AT&T customers might not have been the primary target for the hackers – the exposure of this data could have been an unintended consequence of the attack. Regardless of the motivations behind the breach, the event underscores the need for robust, comprehensive security measures to protect customer data that extend beyond operators’ own networks and systems,” Kurbatov continues.

The AT&T incident indicates threats to operators and customers from potentially unsecured third parties, claims SecurityGen.

It's a timely reminder for operators to implement strong security measures for their own systems and thoroughly vet and monitor the security practices of third-party partners and suppliers.

“This risk from third partners is set to increase with the growth of 5G and accompanying ecosystems of non-telco developers, service providers and other players working together on 5G products and services,” Kurbatov explains. “Because 5G networks provide an expanded range of services and connect an expanded number of devices, they offer an expanded attack surface for hackers to exploit.”

“5G has also been developed with improved security protocols compared with previous network generations. It’s also designed from the ground up to be flexible and open for integration with multiple external systems. However, this same open architecture that enables flexibility and easy integration can also make 5G vulnerable and exposed to threats and hidden vulnerabilities,” Kurbatov adds.

“The promise of safe, secure 5G depends on operators recognizing 5G’s vulnerability and putting in place the necessary security safeguards that minimize the threats arising from external partners and 5G’s own extra openness,” he concludes.