Only 30% of subscribers aware of risks from mobile network vulnerabilities, a third never check their bill

Mark Windle, Strategy and Marketing director, Xura Security

Research commissioned by Xura, Inc., a provider of secure, digital communications services, has revealed the extent to which mobile subscribers are unaware of vulnerabilities in their mobile operator’s network that could lead to their calls or texts being intercepted, so becoming victims of fraud or unauthorised location tracking.

Only 30% of respondents to the survey – conducted with consumers in the US, UK and Australia – claimed awareness of any security weakness in mobile phone networks.

Respondents provided a list of reasons for their security concerns including vulnerabilities in operating systems (9%), apps (6%) operator data leaks (3%) and vulnerabilities in Bluetooth, Wi-Fi, and voicemail hacking. However, only 6% indicated specific awareness of vulnerabilities in the technology of the telecoms network itself.

Mark Windle, Strategy and Marketing director, Xura Security, said: “SS7 [Signalling System 7] is a core technology used by telecoms networks globally. SS7, however, contains vulnerabilities that can be exploited to carry out a whole host of malicious activities; from triggering fraudulent calls or texts to be sent to premium rate services at the subscriber’s expense, to location tracking and call/SMS interception. The threat is very real but thankfully so too is the solution. Xura is actively helping operators around the world to secure their networks and protect their customers. Naturally some operators move faster than others and those that are yet to act will know the consequences of not protecting themselves and their subscribers against potential attacks. Securing their networks should be the highest priority.”

Shockingly, almost a third (32%) of mobile subscribers never check their balance or bill to verify that they have been correctly charged or to detect possible suspicious activity on their account, with those aged between 31 and 50 least likely to check their monthly bills.

“Often these attacks can happen without the mobile user’s knowledge. With fraud, the only indicator may be on the subscriber’s bill. However, we appear to have considerable faith in mobile operators, hence why many of us may not think to suspect any inaccuracies in bills: according to the research over two thirds (69%) of subscribers questioned feel they are moderately well protected by their service provider from fraudsters and hackers. Until the network is properly secured, the operator is putting this significant amount of customer loyalty at risk,” continued Windle.

In terms of which hacks would affect subscribers the most, over half of subscribers felt like they would be severely or badly affected by a denial of service attack (58%), fraudulent calls and SMS subscriptions respectively (52%). Fraud is also the type of hack that subscribers feel is most likely to happen to them, with 45% anticipating becoming a victim of fraudulent calls made at their expense, and fraudulent registration for premium SMS services (38%).

Subscribers also indicated that if they became a victim of mobile cybercrime, nearly half (49%) would seek compensation from their mobile network operator and a third (33%) would inform the telecom regulator. Worse still, 29% would change their network provider either immediately (22% ) or at the next renewal date (7%).

Windle added: “SS7 attacks leading to fraud are likely to impact subscribers the most, and with consequential impact for the network operators in the form of compensation claims or the loss of angry subscribers to competitors. With security becoming a priority for consumers and enterprises alike, operators have an opportunity to become the trusted provider by moving quickly to combat potential exploitation. By implementing a comprehensive solution that is powerful enough to secure all points of attack, not only blocking suspicious activity but also using advanced analytics to help secure the network against future attacks, the operator can detect, protect and secure their network assets, data and ultimately their subscribers.”

Other key findings:

    • 22% of subscribers don’t implement any rules when they decide to grant apps permission to access other features or data on their phone
    • Only 8% would switch to apps to make calls and send messages more securely than through traditional voice calls and SMS messages
    • 24% would change their number if attacked
    • 14% would report the hack on their social networks

“Despite a reasonable degree of awareness to potential threats, many subscribers (42%) increase their exposure to risk by not checking bills or not paying attention to app permissions. As subscribers, we need to take more care and be more vigilant. However, cybercrime conducted through SS7 vulnerabilities in the network may be completely invisible to consumers. The right place to tackle these threats is in the network, but right now many networks are not adequately protected from potential signalling attacks. Now is the time for the operators to join the fight against cybercrime,” concluded Windle.

Carried out in Quarter Three 2016, the research was conducted by Xura via Survey Monkey, and questioned 1,667 mobile network subscribers in the USA (595), UK (535), and Australia (537). A breakdown of findings by country are available on request.

For an infographic on the rise of mobile cyber crime Click Here.

Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus

RECENT ARTICLES

Connectbase expands baltic connectivity with Bitė partnership

Posted on: March 28, 2024

Connectbase has announced the addition of Bitė to its ecosystem. This partnership marks a step forward in enhancing connectivity options within the Baltic region, providing a link between local and

Read more

IOT Solutions World Congress 2024 connects semiconductor chips to industry

Posted on: March 27, 2024

Essential to manufacture computers, smartphones, cars, refrigerators or any electronic device, semiconductors are critical elements in the implementation of the Internet of Things. For this reason, IOT Solutions World Congress

Read more