Spear-Phishing Attack Leaves Global Phone Networks Vulnerable
?
Just this week a large amount of unauthorised access was discovered within mobile phone network databases, the individuals who gained access to the data were able to do so by gaining employee credentials from deliberately targeted Spear-Phishing emails that were sent to higher up members of these organisations in order to gather credentials with more access to user data and geo-location data from users.
The above-mentioned information is highly confidential and should remain private, if consensually given out by a user to a Phone Company with the trust based upon them keeping it as secure as possible. Furthermore, this data is private to an extent that only the user should be able to access it and access must be granted by a user if an external individual would like to access it.
Additionally, by not educating higher up officials on the cyber-security related dangers that Phishing emails can pose towards a large company such as a phone network, like for example Vodafone, T-Mobile and Three which all operate across established areas and support many businesses with communication solutions.
The major issue addressed here with these attacks was that the hackers had access to privileged accounts and therefore would have been able to access any information that they desired, along with disabling security features which are in place to protect consumers.
Finally, this issue is becoming more and more common with 30% of telecoms firms in other areas of the world reporting that sensitive data had been either stolen, via a phishing scheme such as the above mentioned, or by a company accidently handing out information during cyber security attacks, due to a lack of security or a lack of secure storage of files.