• Mega hacking incidents are growing, scamming is on the rise and the end users of telecoms services are increasingly upset. 
• In fact, they’re as mad as hell and they’re very close to saying they're not going to take it anymore...

There’s panic playing out regarding phone scamming and text fraud in the UK. It’s not hard to see why - just look at the statistics from Ofcom on reported scam attempts (below). They imply that we’re all at the sharp end, with the entire population either on the phone getting harassed, or on the phone making the scam calls.

That’s only a slight exaggeration. I’m speaking as one who (like many others) seemed at one stage to be getting multiple calls a week enquiring after my health following my ‘recent car accident’. My colleague Martyn Warwick took decisive action, stationing an ear-splitting whistle near the phone and attempting to deafen any telephonic miscreant that dared to have a go.

We’re scammin’, scammin’; Scammin’ till the break of dawn (apologies to Bob Marley)

According to Ofcom, text scams are the most common, with three quarters of 16-34-year-olds targeted.  It says almost 45 million people have been on the receiving end of potential scam texts or calls in the last three months, with more than 80% saying they had received a suspicious message, in the form of either a text, recorded message or live phone call to a landline or mobile. So that’s 44.6 million slightly annoyed right up to fully traumatised adults in the UK in the wake of the scamming epidemic.  

The overall effect, quite apart from the distress caused and sometimes financial loss suffered, is a growing collective disenchantment with what used to be called the ‘communications revolution’. Anecdotally we hear of people ditching their phones and curtailing their online life, convinced that very little is being done to banish the scammers.  

What about the big boys?

Of more immediate concern to the telecoms industry, though, are the activities of the well  organised crime syndicates, sometimes allegedly operating at the behest of foreign governments (you know who you are) orchestrating major hacks and ransomware attacks on not just public and private computer systems but also intelligent telecoms  infrastructure. Just last week BT announced that it was springing into action, because, it said, cyber attacks were proliferating at an unprecedented rate and it had calculated  that there had been a 50 per cent increased incidence of malware traffic since April this year, the vast majority of which have been attempts to break into business, municipal, public sector and government to extort ransom payments by encrypting vital data and computer systems.

Like all network operators, BT has a ring-side seat from which to view the consequences of cyber-crime on businesses targeted, some of which never recover. It has therefore introduced a system called  Eagle-i using AI and automation, to not only detect and neutralise security threats and attacks, but also to predict them.

Wider and deeper (and telecoms-oriented)

Perhaps the most worrying aspect of the building cyber-threat is that it’s become more apparent that major incursions can be planned to play out over a long period. Hackers can spend literally years rummaging about inside a major system planning a concerted attack or just stealing information as it is entered. 

Security experts CrowdStrike Services, CrowdStrike Intelligence and Falcon OverWatch, say they’ve investigated multiple intrusions within the telecoms sector from a sophisticated actor tracked as the LightBasin activity cluster, also publicly known as UNC1945. 

”Active since at least 2016,” says the Crowdstrike blog, “LightBasin employs significant operational security (OPSEC) measures, primarily establishing implants across Linux and Solaris servers, with a particular focus on specific telecommunications systems.

“LightBasin managed to initially compromise one of the telecommunication companies in a recent CrowdStrike Services investigation by leveraging external DNS (eDNS) servers — which are part of the General Packet Radio Service (GPRS) network and play a role in roaming between different mobile operators — to connect directly to and from other compromised telecommunication companies’ GPRS networks via SSH and through previously established implants. CrowdStrike identified evidence of at least 13 telecommunication companies across the world compromised by LightBasin dating back to at least 2019.”

If that doesn’t make your blood run cold, nothing will.