On July 16, 2019, U.S. mobile network operator Sprint announced a serious security breach that exposed sensitive information of an unknown number of customers’ information. Hackers gained unauthorized access in late June through a third-party website —Samsung’s “add a line” webpage. As data breaches targeting the telecommunications sector are happening more frequently than ever before, strengthening information security has become one of the most pressing tasks for these enterprises.
Critical Information Exposed
According to a letter from Sprint to affected customers, leaked information includes billing addresses, phone numbers, device type/ID, among other account details. Sprint says it reset the PIN codes of all compromised accounts three days after it discovered the attack. This is Sprint’s second account breach this year. Sprint’s subsidiary, Boost Mobile, suffered a credential stuffing attack in March, in which hackers used phone numbers and account PINs to break into customer accounts using the company’s website.
Challenges Facing the Telecommunications Industry
Telecommunications companies are a big target for cyber intrusions. The industry is responsible for critical infrastructure that facilitates world-wide communications along with large amounts of sensitive customer data. And keeping up with the sector’s information security challenges is a constant battle. In 2017, Verizon reported that 6 million customer records were compromised after an employee of NICE Systems, a Verizon partner that facilitates customer service calls, was able to access them through an unprotected Amazon S3 storage server.
As the interface between telecom companies and third-party technology providers increases, the risk of data breach or other cyber-attacks requires an effective management of third-party vendors. Such data breaches damage the company’s brand and reputation while undermining its ability to compete.
However, the telecommunications industry is also among the least prepared for cyberattacks. According to the report from EfficientIP, more than 40% of telecommunications companies suffered from Domain Name System (DNS)-based malware in 2018 and 81% of them took three days or more to apply a critical security patch after notifications.
An Effective Third-party Risk Management Strategy
How can telecommunications companies such as Sprint be better prepared to detect and mitigate the risks of third-party-based cyber-attacks? Through a combination of periodic control-based internal assessments and continuous external cyber risk monitoring. Ongoing cyber assessments of Sprint’s partner’s networks provides visibility into potential risks that can be exploited to gain unwanted access like what happened in this breach, while periodic assessments provide auditable evidence that Sprint’s third-parties have the compensating controls in place that address such risks. The most value, however, is gained when the control-based risk assessment results are aligned with the results of continuous monitoring to form a singular view of these risks – with recommended remediations to accelerate risk mitigation efforts.
Prevalent’s third-party risk management (TPRM) platform offers a comprehensive approach to provide visibility into the third-party risks that would have led to such data breaches. More specifically, the Prevalent Vendor Threat Monitor platform looks at various DNS data points to monitor and gain insights into the security posture of an organization, while notifications can be tailored to configuration-based risk events to track when a vendor remediates an issue. The results of these risk analyses can then trigger a more complete assessment performed by the Prevalent Third-Party Risk Management Platform.
As the industry’s only purpose-built, unified solution, the Prevalent TPRM Platform combines automated assessments, continuous monitoring, and evidence sharing for collaboration between enterprises and vendors in addition to expert advisory and consulting services to accelerate vendor risk mitigation efforts. For more on the value of a 360-degree view into vendor risks, watch a demo or contact us today.
A Microsoft zero-day exploit enables attackers to gain full admin privileges. Use this questionnaire to assess...