Fraud


Sheriff of Nottingham fitting perfectly into the late ‘60s alternative zeitgeist.


Organised crime

Fast forward to the present day and a far murkier picture now presents itself. In the words of Steve Cotton, director of business assurance programs at the TM Forum: “It’s pretty clear that it’s a target-rich and very lucrative environment out there for the criminally minded. They’re seeing this area just like any other organised business would and structuring themselves accordingly to exploit the opportunities.”

Given the near-infinite interconnectedness of the world’s telecommunications networks today and the complexities of the underlying IT systems that support them, there are numerous gaps and weaknesses for the criminal to exploit. Andy Gent, founder and chief executive of Revector (www.revector.com) – one of the innovators in telecom fraud detection and prevention tools – echoes the TM Forum’s perspective and explains: “Fraudsters are businessmen – they commit frauds for a living and are prepared to invest time and money to develop the conditions where they can implement frauds because the rewards are huge.

“There are generally seven basic fraud types – but only some of these impact a mobile operator – and each has its own characteristics: subscription fraud; system access fraud including hacking into PBXs; call selling; the artificial inflation of traffic; revenue share fraud; payphone fraud and bypass fraud. On top of these you obviously have to include frauds being carried out internally by corrupted staff. In practice, you often find that a number of these different approaches have been combined by the fraudsters to make detection more difficult and prevention harder, with a lack of cooperation between different competing network providers complicating matters even further. More detailed information is available at http://fraudforthought.com.”


Stepping up to the problem

Just as with classic IT security, a number of organisational and human factors also impact negatively on attacking fraud. Until relatively recently, revenue losses, whether caused by direct fraud or just by bad data and assorted inefficiencies and errors, were to a large extent ignored by service providers. With the businesses now being run by aggressive marketers keen to grab market share at almost any price, warnings about exposures to loss and risk were often ignored by executive management. Highlight security issues and you could be seen as a nitpicker who was stifling growth and definitely not being a team player. Compounding this were organisational and cultural issues, with siloed responsibilities across revenue assurance, risk management, business assurance and security functions leading to an inability to approach a complex problem in holistic and coordinated ways.

LAND mobile August 2013

The Android OS in smartphones is a major emerging area for fraud, especially when users enable the ‘allow installation of non-market applications’ option

While a number of different industry organisations – such as the UK-based Revenue Assurance Group (www.revenueassurancegroup.net) and the Communications Fraud Control Association (www.cfca.org) – act as forums where service providers can share issues in confidence, the multifaceted nature of the risks and threats involved requires as broad an analysis as possible. Key to addressing these risks is finding ways to chart and track vulnerabilities in standardised and clearly defined ways, and so earlier this year the TM Forum released its Fraud Classification Guide, listing in detail over 70 different types of fraud threat. It is now also sharing these insights with FIINA, the interestingly named Forum for International Irregular Network Access, which is made up of many of the world’s leading telecoms operators. The TM Forum is continuing its work in this area by developing a solutions maturity model for fraud to help service providers adopt continuous improvement strategies to deal with these issues in incremental and manageable ways.


A new can of digital worms

It often seems, however, that as soon as one fraud hole is blocked, another part of the telecoms industry is boldly launching new services, technologies and devices that simply open up new vulnerabilities. In this context, the implicitly open nature of Internet-based communications is combining with the complexity of telecoms to create a potential perfect storm with threats coming from many new emerging areas.

Christopher Boyd, senior threat researcher at ThreatTrack Security (www.threattracksecurity.com), identifies the increasing use of the Android OS in smartphones as a major emerging area, “especially when users enable the ‘allow installation of non-market applications’ option which permits installs other than from the Google Play store – where, while not 100 per cent malware free, applications do at least undergo some screening. Once users do this, the device is at risk from infection that, once installed, could send premium rate SMSs in the background, do premium rate pocket dialling or harvest personal information.”

He adds: “Commonly faked applications include popular instant messaging tools and imitations of games such as Angry Birds. Fake applications are installed by downloading and transferring a rogue software file to the phone or scanning a QR code to be taken to the relevant compromised download site. Along with fake application specific sites, imitation Google Play stores have been a problem for some time.”

Expanding on this issue, Michael Sutton, vice president of security research at enterprise cloud security specialist Zscaler ThreatLabz (www.zscaler.com/threatlabz), comments: “As there is only limited space available on a mobile phone screen, it is easy for hackers to redirect users to unsafe pages. Very few users think to check the entire URL before browsing to a page. On top of that, social networks frequently present a potential risk because many people use their mobile devices to update their status on Xing, Facebook, Twitter and so on. In social networks, users tend to be much more open when dealing with contact requests. If the message containing hidden malicious code seemingly comes from a friend, users are more likely to activate it. Clickjacking and likejacking exploit this bond of trust. Hackers use different file endings (such as CSR files) for this purpose because many users do not realise that these files might contain executable code. Once Trojans are in circulation,

