The mobile networks in the Middle East region are an easy target for Debilitating Distributed Denial of Service (DDoS) cyber attacks, said an expert.

Mobile networks in the region have evolved by leaps and bounds in the past handful of years, particularly as mobile users continue to gobble up as much mobile network capacity as possible.

Mobile data usage is absolutely ubiquitous today with the advent of always-on connectivity, the pull to constantly ‘check in’ on various social networks and applications, and to be able to do access the mobile network at anytime, at lightening fast speeds and with zero downtime, remarked Mahmoud Samy, the regional director, Middle East, Russia and CIS at Arbor Networks.

This trend is expected to continue as successive generations of more capable mobile networks and devices and compelling applications emerge. And crucially, data services are the only way Mobile Network Operators (MNOs) will offset long-term declines in their voice/SMS service revenues, he stated.  

But this shift to data-centric service delivery also imposes added operational challenges in maintaining that ‘always on, fast – and secure’ mobile broadband performance and availability that subscribers have come to expect, he noted.

The ‘secure’ piece of that equation is a major concern for mobile operators in the region today with the influx of attacks targeting MNOs than ever before, added Samy.

While mobile malware has been around for a decade and is certainly a concern, it’s far less of a concern in comparison to the debilitating effect a large DDoS attack would have on these networks. Add to that the fact that MNOs tend to struggle with proper visibility into malicious activity on their networks and the problem grows quickly.

According to a survey, 20 per cent said that they suffered a customer-visible outage due to a security incident, while 25 per cent don’t know if they had such outages due to a lack of visibility.

About 63 per cent do not know what proportion of subscriber devices on their networks are participating in botnets or other malicious activities.

About 25 per cent saw DDoS attacks targeting their mobile users, RAN, back-haul or packet core, but 29 percent cannot detect such attacks due to a lack of visibility.

The survey said 25 per cent witnessed DDoS attacks impacting their mobile Internet (Gi) infrastructure, while 25 per cent lack the visibility to detect such attacks.

Accordingto Samy, DDoS attacks targeting mobile networks tend to happen in one of two ways today.
 
*Network infrastructure and services: DDoS attacks can have a direct impact on targeted infrastructure and services by increasing traffic volume/session loads that reduce capacity and impair performance.  Internet-originated attacks have been around for a number of years.

Botnets composed of thousands of compromised PCs linked to a command-and-control server can launch DDoS attacks that disrupt mobile packet core and “Gi/SGi LAN” data center infrastructure including signaling/data gateways, firewalls, DNS servers, content optimizers and NAT functions.

The advent of IMS-based Voice over LTE and Rich Communication Services further expands the range of potential DDoS attack vectors (e.g., video spamming).

*End-user devices: SMS toll fraud, SMS phishing and malware trojans are just a few examples of how inventive miscreants are subverting smartphones, tablets, dongle-enabled laptops and mobile apps by inserting malicious code into legitimate apps to lure victims to bogus websites and services where they can then be exploited for financial gain.

Along with the growth of app stores (especially for Android-based devices) – many of which have no security oversight or ‘curated’ control – comes increased risk of compromised devices and unwitting users participating in botnets and launching DDoS attacks from the wireless side of the mobile network. This type of threat has the added potential to exhaust precious resources in the highest cost-per-bit part of the network: the radio access network (RAN).

Non-malicious threats are also a problem for mobile operators – i.e. threats on their mobile network from their own subscribers or devices, stated Samy.

"With the growth in app stores and mobile applications - many of which do not have any sort of security oversight or control – there’s nothing stopping compromised devices connected to the mobile network from becoming botnets and launching DDoS attacks from the wireless side of the mobile network," he added.-TradeArabia News Service