AT&T, the American telco, has published the first in a new series of cybersecurity reports. The content is basic, and aimed at c-level execs with little training in technology – though I find it worrying their glossary explains terms like ‘malware’, ‘packet’ and ‘firewall’. The report was also guilty of useless alarmism at various points, most notably when it commented on the growth in external attacks by saying: “experts describe this situation as a state of war.” Nevertheless, the 36-page document contains some interesting information, and helpfully lists all its sources. Here are four takeaways from the report.
1. AT&T’s network has seen a 62 percent rise in distributed denial of service (DDoS) attacks over the last two years.
This reported growth in DDoS may seem alarming, until you realize that higher growth rates have been reported elsewhere.
2. Hackers test for vulnerable IoT devices 5 times more than previously.
The first step in compromising security is to scan for vulnerabilities. AT&T noted a 458 percent increase in the number of times that IoT devices were scanned.
3. Malicious insiders may pose more risk than external attackers.
One anecdote captures the danger of trusting employees to be responsible with personal data.
No one could exactly put their finger on it, but there was something just a little, shall we say, fishy about one of the network managers working at the regional headquarters of a state government agency. When his superiors eventually asked AT&T to investigate, their worst fears were confirmed. For months he had been quietly sifting through his company’s official databases for embarrassing information about people who tormented him in high school and was using it to blackmail them.
4. AT&T is positioning itself as having the data necessary to protect businesses from cybersecurity threats.
As they put it:
AT&T aims to arm you with information and best practices for elevating security in your organization to a strategic business imperative. We have unparalleled visibility into the data traveling over our network because we analyze over 10 petabytes of traffic each and every day.
This begs the question whether AT&T is primarily seeking to monetize security offerings, or is using security for competitive differentiation. There are some difficulties with the latter strategy; not all decision-makers will respond rationally to an accurate analysis of the attacks that come over a network.
Much of the information in the report has been taken from other reports, and the insights will be familiar to those with a solid grounding in security. Nevertheless, AT&T’s report may be useful if given as an “idiot’s guide” for senior executives with a poor understanding of modern networks and technology. You can freely read and download the report from here.