On this episode of the Six Five Webcast – The 5G Factor, hosts Ron Westfall and Tom Hollingsworth dive into the latest developments and challenges within the telecom sector, focusing on cybersecurity, AI integration, and combating fraud.
Their discussion covers:
- Nokia’s new Threat Intelligence Report: an analysis of the accelerating cyberattacks on telecom infrastructure and the increasing utilization of GenAI by cybercriminals to boost the speed, volume, and sophistication of attacks
- The Qualcomm AI Orchestrator: a discussion on its purpose to harmonize AI functionalities across platforms to enhance interaction experiences and bolster security measures
- Vodafone’s innovative approach to fraud prevention: how the use of data-driven APIs, like Scam Signal, equips the telecom industry to counteract fraudulent activities effectively
Learn more about the Six Five Webcast – The 5G Factor at The Futurum Group.
Watch the video below, and be sure to subscribe to our YouTube channel, so you never miss an episode.
Or listen to the audio here:
Disclaimer: The Six Five Webcast – The 5G Factor is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.
Transcript:
Ron Westfall: Hello and welcome everyone to The 5G Factor. I’m Ron Westfall, Research Director here at The Futurum Group. And today, thankfully I’m joined here by my distinguished colleague, Tom Hollingsworth, the Networking Nerd and Event Lead at Tech Field Day here at The Futurum Group. Tom, how are you? It’s great to see you back on the show.
Tom Hollingsworth: I know, Ron. It’s been a busy few weeks I’ve been out and about, but the good news is that I’m back and we’ve got some fun stuff to talk about today and it should be an interesting Friday.
Ron Westfall: I agree wholeheartedly. In fact, I believe we’re coming off a, to your point, very successful string of Tech Field Day events over the last couple of weeks. And as such, I think this is giving us some foundation, some good material for today’s 5G factor. We’ll be focusing on the major 5G ecosystem developments that have caught our eye. And so with that, let’s jump right in. And speaking of major developments in the 5G ecosystem, security is always paramount. I think that’s understood, that’s true across the entire networking realm. And what I think is of key importance is that Nokia recently released its tenth threat intelligence report, which shows that cyber attacks on telecom infrastructure is accelerating as cyber criminals increasingly harness, you guessed it, GenAI as well as automation to increase the speed, volume and sophistication of these attacks. Now among the report’s key findings is that DDoS, or distributed denial service attacks, can quite simply overwhelm the telecom infrastructure. The number and frequency are increasing dramatically.
And so that can make a network inarguable. And I think the headlines caught that just over the last couple of weeks where for example, Verizon, had some network outage issues. And what is linked to this is that these attacks have grown from one or two a day to well over a hundred per day, and that’s across all the networks almost. Also, bots or botnets, continue to be primary sources of these DDoS attacks, and they represent about 60% of the DDoS traffic monitored by Nokia from June of ’23 to June of ’24. And during that time period, residential proxies became a prominent tool for more advanced application layer attacks. And this is something that is hitting more regions more than others. In a nutshell, North America has seen the highest number of these cyber attacks, accounting for about one-third of the total, due to the concentration and scale of telecom infrastructure and large enterprises in the U.S.
Now, reflecting a trend of recent years, the growth in DDoS attacks has been fueled by the proliferation of hundreds of thousands of insecure IoT devices ranging from smart refrigerators to smartwatches, which often have lax security protections and have gigabit and multi-gigabit broadband capacity that facilitate the spread of malware. The most common malware in telecommunications networks was found to be a bot that scans for vulnerable devices with weak encryption passwords or design flaws. Now, this is something we’ve seen before, however, this proliferation of attacks is concerning. Tom, from your view, what do you see what’s different this time about cyber attacks on telecom infrastructure including naturally 5G networks?
Tom Hollingsworth: I think that it’s interesting because Nokia operates a DDoS protection service called Deep Field that they’ve done a really great job of trying to figure out what’s going on, and I like this idea that they’ve narrowed it down to being a large percentage of the traffic coming from IoT botnet activity. We’ve seen this for a while where things like insecure Xiaomi webcams can be amplified to turn them into basically packet generators. And the worst part is, well, there’s two worst parts. One, you’re not going to expect to see a whole lot of extra traffic coming from a camera. You’re going to be looking for other things on your network like, “Oh, my server got hacked,” or something like that. You wouldn’t think to look for the IoT devices. But the second thing that’s even more insidious is that these systems have security baked in from the factory. Those certificates are generated and then rarely ever touched again. There are root passwords in some cases, I’m not saying it’s the camera specifically, but in some other IoT devices, are hardwired into the system. So the only way to fix it is basically to take it offline and junk it.
And the problem is that when you think about how many of these devices are insecure and capable of being used in these amplification attacks, Nokia has been sinking, as in collecting and dumping this traffic, hundreds of gigs if not terabits of traffic. Some of the things that we’re seeing out there are beyond the scale of anything that I could possibly have imagined in the past, and it’s only going to get worse as more and more IoT devices have less and less security because security costs money. And if my option is that I need to hit a device at a certain price point, then I’m going to leave out whatever I can to get to that point. You don’t see these kinds of attacks coming from things like Honeywell thermostats or from larger, I don’t know, say the digital signage TVs on the wall because those are relatively expensive devices, which means they have a baseline of security built in.
So we’re going to start relying more and more on companies like Nokia who are effectively offering a sieve to drop that traffic because this isn’t like the DDoS protections that you might’ve imagined from 10 years ago where we can prevent SYN floods and things like that from connecting and just basically preventing that kind of connection. Like you mentioned, application layer attacks are becoming more and more prevalent, which means the underlying network infrastructure is relatively reasonably unchanged. It’s the applications that are impacting that. And here’s the other insidious thing about it. Why would this be important for a company to want to defend against?
Well, if you look at some of the latest actions going on in a global stage, often massive DDoS attacks can precede other kinds of actions. We saw one in Ukraine right before the invasion. There was a massive DDoS attack that basically took a lot of things offline so that there was no way to do command and control coordination amongst some of their forces. I’m not saying anybody’s going to be trying that in the US anytime soon, but one thing that we’ve learned over the last few months and possibly even the last year or so is that coordinated attacks on infrastructure can cause a big problem.
Ron Westfall: I agree wholeheartedly. And I think insidious is an apt term. We can basically reboot that franchise just looking at the increasing sophistication of these attacks. And I am glad you brought out attention to the background here, i.e., it could be a supply chain factor. In fact, another aspect here that the report brought out is that systems on chips, or SOCs, hardware integrated circuits that are incorporating computer components and drive the high computing and network performance and also help minimize power consumption. Cyber criminals are increasingly targeting SOCs to exploit vulnerabilities in various components. And that includes firmware, software and hardware interfaces. So it’s really getting under the hood now. It’s not just, “Okay, we found a vulnerable port, or a poorly configured IoT device.” We are, just that, being able to attack in a new way that requires quite simply new defenses.
And to top it all off, there’s quantum computing coming into the picture, and this is another example where threats are evolving rapidly. Organizations like the NIST, which recently standardized the first algorithms, these will form components of an approach to counter the potential of quantum computing and quite simply continuing to help shape overall strategies security strategies globally. And so when he boiled down, it’s like in order to fight AI-generated cybersecurity threats, you have to enlist it AI as well as GenAI. And same thing with Quantum. So it’s Quantum Fire and hopefully the good guys will simply win more often than the bad guys. And this is the newest chapter in terms of how threats are evolving and required quite simply new and more sophisticated responses and solutions. And with that, let’s look at something that can help with this. I talked about AI and using AI to fight AI cyber crime. Well, we saw that Qualcomm has come out with an AI Orchestrator offering. And it’s a new addition to the existing Qualcomm AI stack. And what it is, is that it sits between the apps and the AI framework and run times, which can provide the orchestration needed for all functions that include, certainly ,security.
Now, in terms of the evolving landscape, I see that Qualcomm AI Orchestrator is poised to expand its capabilities including integration of device, device and also other situations like device to car configurations, another interesting example of IoT. Now, what this Orchestrator could do is leverage the best aspects of each device and generate the most compelling experience for the user, and that includes certainly security. Now, these designs can enable the Orchestrator to continually evolve, and that includes meeting these cybersecurity threats and also accommodate new, improved AI capabilities. Because what’s important here is that devices are integral to inferencing at the edge of the network. That is, ensuring that the AI workloads are secure. They don’t leave the device. You can do the inferencing right there on your device and avoid sending AI workloads across the wide area network to the cloud where vulnerabilities can occur.
Now, this is different from AI training where you have the GPU clusters doing the heavy lifting of training the models, but once that’s done, then you can have the ability to inference at a local or edge perimeter. And that will make a big difference, I believe, in terms of overall AI security, let alone respecting privacy. Now, what’s also important I think to note here is that the Qualcomm AI Orchestrator harnesses AI functions and provides that personalized experience that I was just talking about, for example, on the smartphone, on the tablet. And also, be it other devices across the Snapdragon portfolio. And I think this is something that is good news quite simply for not only smart devices, but for making AI more user-friendly and fundamentally secure. And so Tom, from your view, what do you see about this Qualcomm AI Orchestrator announcement that can be a difference maker?
Tom Hollingsworth: I think that Qualcomm is one of those companies that’s finally figuring out that there’s a lot more power in their devices than they’ve been letting on. And they need a way to kind of coordinate how to leverage it to do more things. And this is what we’re talking about when you look at the push from companies like Apple to do more of the AI inferencing on device for security reasons, I think that a lot of people are going to fall in line and start doing that same model, or maybe if they’re not doing it on device, they’re doing it on the edge close to the device so that they’re not paying transit costs and things like that.
So being able to orchestrate that at a certain level is critical. Look at it this way, everybody’s seen in warehouses where they have those little handheld scanners. And they’re generally now smart devices that connect via Wi-Fi, and when they’re not doing scanning, they’re kind of sitting there, right? What have you got a way to be able to leverage distributed computing to those devices and break these systems down so you can do inferencing when those systems are not in use? Like, I don’t know when they’re sitting on a charger at night. That would be a huge motivation for a company want to adopt this when you basically say, “You’re already using this technology, why not leverage it for more things? Why not get more dollar revenue out of it per device?”
And I think Qualcomm’s kind of on the leading edge of this because they provide so many chips for these edge solutions. We’re not talking about an Nvidia here that is building these kind of high performance water cooled nuclear-powered systems to do this. We’re talking about Qualcomm who’s like, “Hey, we can do AI inferencing, maybe we’re not going to beat whatever the latest hopper chip is, but we’re going to do it on a budget that runs on a battery.” So I think that they’re on the right track here because they know that they can’t compete with these monstrosity systems. So they’re figuring out how best to approach it and make it usable for end-users because I think what we’re going to see maybe within the next couple of years is this big shift to doing more things on device for security purposes.
Ron Westfall: Yes, and I think it’s in general as well. I think we talk about the AI era. I think we’re pretty much at the hybrid AI era where training and inferencing is being more implemented at the premises or on the device. And this is something that will, again, to your point, Tom, benefit the entire ecosystem. And this is something that I think we’ll have direct bearing on the cyber security threat that we started off with. And let’s now turn to a specific example of where cyber security can play an integral role. And that is certainly in fraud prevention. And what we’re seeing is that fraud is quite simply something that has been a major, I guess you can say, a downside to some telecom services. And if you look at the UK specifically, Vodafone reported that over one billion pounds has been a loss because UK consumers have been victims of fraud, or at least Vodafone has been the victim of fraud.
So what we’re looking at now is that using mobile network intelligence, certainly a good deal of it is AI driven, can hopefully provide a solution that makes fraud prevention and detecting fraud threat simply more automated and, well, more effective. And so what they’re pointing to is that when it comes to bank impersonation scams, what happens is that someone will receive a call from another person pretending to work for their bank and then telling them to move funds to a trusted account, but then again, the money ends up in a fraudster. So this is kind of a variation of, okay, you’re getting an email that looks very convincing, but obviously it’s a variation of a phishing scam. And these thefts are costing not just the UK but European banks, all these hundreds of millions of pounds that has been cited. Now, when it comes to chargebacks, fraud occurs when an unethical customer makes a purchase online for a product with the credit card and then contacts a credit card issued issuer to say that the purchase was fraudulent.
And this is something that is kind of on the flip side, now it’s the consumer who or the customer that’s perpetrating the fraud. But I think we’ve seen reports of where this can run into tens of thousands of dollars before it’s detected, especially when it’s an international type scenario. So what’s being proposed is to enlist APIs to really up the game for mobile operators. That is, using more intelligence to better understand these fraud scenarios as they’re emerging, that is prevent them before they blow up, nip them in the bud quite fundamentally. So now what Vodafone is doing is investigating how data and the APIs that are aligned to their expanded data links can be used to determine whether a user is making a purchase for malicious purposes. And so the next step here is that it’s enlisting various industries to better trust the entity behind the mobile number. And so when you’re looking at social networks and so forth, you want to remove, “Okay, is this a phishing scam? How can you prevent this from occurring?”
So as fraud is evolving and it’s becoming again just like cyber attacks on telecom infrastructure more sophisticated, I foresee that by building these APIs that are dedicated to detecting fraud, to quite simply reducing the level of threats to not just the telecom infrastructure network itself, but also, again, mobile devices and mobile numbers themselves. And that can again enable operating across multiple data aggregators and sectors to provide this critical data to make it safer for people to get online using their mobile devices and have confidence they’re not being defrauded or that operator or the credit card company can have confidence that somebody is not defrauding them. And so again, variations of AI becoming a player here in cyber crime and “All right, let’s use AI to fight cyber crime.” And in this particular use case, so Tom, do you see hopes for progress or is this something that can actually get worse?
Tom Hollingsworth: I think it can. It kind of comes down to just doing the basics that we expect, right? It’s doing work on making sure that we’re authenticating sources of messages and things like that. Because I’ll tell you that it’s getting a lot more complicated to figure this out. There was a story that I saw just a couple of days ago about someone who received an inbound phone call from a number that was from Chase Bank and they were asking him to authenticate and do some things and luckily kind of that voice in the back of your head that says, “Don’t do this,” went off. And so he is like, “Hold on, I’m going to hang up and call you back.” And he called the same number back, got ahold of the Chase support line, and it turns out of course that they had initiated no such call and it was just basic caller ID spoofing, which is something we’ve known how to do for years.
But it’s that combination of all of those things. It looks right, it sounds right. They have access to details and they’ve created AI scripts to adjust for any potential problems that could come up in the middle of this call. So I like the fact that Vodafone is basically saying, “We already have access to this data. Let’s see if we can put two and two together to prevent this.” We saw the same thing here recently when MasterCard purchased Recorded Future. They’re one of the largest security intelligence firms out there and they were bought by a credit card company because according to MasterCard, if you read between the lines, they really are spending so much money fighting credit card fraud that it would be cheaper to buy a company to help them fight it than it would be to continue to pay that company to do it for them.
And I think that’s something we’re going to see a lot more of when you have things like sim-swapping attacks. Because most of the time you’ve got two categories of people. You’ve got the ones that are using it to do some quick hit stuff, like I want to get a few hundred or a thousand or so dollars from people who are unsuspecting, but more insidiously, you’ve got people who are using these attacks to flip to get more secure access to things, to be able to grab two-factor authentication codes and stuff like that. Which by the way, if you’re still using text messages for your authentication for two-factor, you need to move to an app-based solution because it’s going to be way more secure because it defeats particular problems like this.
And as we start moving away from some of these more traditional things, like NIST just released new guidance on passwords and now they’re saying things like, “It doesn’t need to be complex, but it needs to be longer. It needs to be something that is more easily remembered by you, but more difficult for people to break. And we’re moving to things like pass keys where my device’s biometrics can authenticate my login to a website. We are seeing more and more companies start become more and more cagey about this because as we reduce the occurrences of incidental fraud, the problem is that the people who can pull off the fraud are using methods that allow them to defraud for larger amounts. So this isn’t a situation where a thousand customers are contacting our helpline because they got defrauded by a hundred dollars. It’s because 10 customers all got defrauded for a hundred thousand dollars and now that’s a bigger bill because well, if you’ve got all the tools to make it look legit, go big or go home.
Ron Westfall: Yes, indeed. And I think that’s an excellent point about, for example, biometrics playing a bigger role as well as using more app-based security technology such as zipper across the cloud fabrics. And I think this is something that was surprisingly a major theme at Oracle Cloud World. This is such a big deal now that you have major cloud database companies looking at how can we further the cause of better cybersecurity ultimately,. And hopefully it will make a difference that we are just getting smarter about things like app based security as well as biometrics just becoming more mainstream, more accessible, that people will embrace it on a broader basis to cut down on just that to FAA and email and text fraud. And I think it is reminiscent of the movie that recently came out the Beekeeper.
And that would be, I think, a good brand name for any anti-fraud solution out there because as we know in that movie, somebody was defrauded to the point that the beekeeper had to unleash this wrath on the bad guys. Well, ultimately it won’t come to those types of measures. It’ll just be smarter before we have to resort to a beekeeper type of response. And so with that, thank you again Tom for joining The 5G Factor. I know we got some Tech Field Days coming up on the horizon and I think that they’re going to be important ones for all of us.
Tom Hollingsworth: Yeah, absolutely. I’m going to be doing the next field day event in about a week and a half. We’re going to be doing Security Field Day out in San Francisco. Make sure you head over to TECHFIELDDAY.COM to learn more about that. And while you’re there, check out some of the events that we just finished up, like AI Data Infrastructure Field Day. We also did a special networking field day exclusive event with Nokia and more. And then Ron, you and I’ll get to see each other in the first week of November for our next networking field day event. It’s looking like it’s going to be a jam-packed one right now.
Ron Westfall: Yes, you took the words out of my mouth, the Plugs Networking Field Day in November. And so yes, that I think is just that it will have lots of great information and certainly looking forward to that. And on that positive note, thank you everybody again for joining The 5G Factor. As you know, you can bookmark us on the Futurum Group website and again, on this note, have a safe 5G day everyone.
Author Information
Ron is an experienced, customer-focused research expert and analyst, with over 20 years of experience in the digital and IT transformation markets, working with businesses to drive consistent revenue and sales growth.
He is a recognized authority at tracking the evolution of and identifying the key disruptive trends within the service enablement ecosystem, including a wide range of topics across software and services, infrastructure, 5G communications, Internet of Things (IoT), Artificial Intelligence (AI), analytics, security, cloud computing, revenue management, and regulatory issues.
Prior to his work with The Futurum Group, Ron worked with GlobalData Technology creating syndicated and custom research across a wide variety of technical fields. His work with Current Analysis focused on the broadband and service provider infrastructure markets.
Ron holds a Master of Arts in Public Policy from University of Nevada — Las Vegas and a Bachelor of Arts in political science/government from William and Mary.