19.5k unique visitors in the last 3 days

4 Takeaways from AT&T Cybersecurity Report

AT&T's report is basic but contains a few interesting nuggets of data. It assumes readers have little understanding of technology, which may make it useful to share with naive executives.

AT&T, the American telco, has published the first in a new series of cybersecurity reports. The content is basic, and aimed at c-level execs with little training in technology – though I find it worrying their glossary explains terms like ‘malware’, ‘packet’ and ‘firewall’. The report was also guilty of useless alarmism at various points, most notably when it commented on the growth in external attacks by saying: “experts describe this situation as a state of war.” Nevertheless, the 36-page document contains some interesting information, and helpfully lists all its sources. Here are four takeaways from the report.

1. AT&T’s network has seen a 62 percent rise in distributed denial of service (DDoS) attacks over the last two years.

This reported growth in DDoS may seem alarming, until you realize that higher growth rates have been reported elsewhere.

2. Hackers test for vulnerable IoT devices 5 times more than previously.

The first step in compromising security is to scan for vulnerabilities. AT&T noted a 458 percent increase in the number of times that IoT devices were scanned.

3. Malicious insiders may pose more risk than external attackers.

One anecdote captures the danger of trusting employees to be responsible with personal data.

No one could exactly put their finger on it, but there was something just a little, shall we say, fishy about one of the network managers working at the regional headquarters of a state government agency. When his superiors eventually asked AT&T to investigate, their worst fears were confirmed. For months he had been quietly sifting through his company’s official databases for embarrassing information about people who tormented him in high school and was using it to blackmail them.

4. AT&T is positioning itself as having the data necessary to protect businesses from cybersecurity threats.

As they put it:

AT&T aims to arm you with information and best practices for elevating security in your organization to a strategic business imperative. We have unparalleled visibility into the data traveling over our network because we analyze over 10 petabytes of traffic each and every day.

This begs the question whether AT&T is primarily seeking to monetize security offerings, or is using security for competitive differentiation. There are some difficulties with the latter strategy; not all decision-makers will respond rationally to an accurate analysis of the attacks that come over a network.

Much of the information in the report has been taken from other reports, and the insights will be familiar to those with a solid grounding in security. Nevertheless, AT&T’s report may be useful if given as an “idiot’s guide” for senior executives with a poor understanding of modern networks and technology. You can freely read and download the report from here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email