Human security

Mobile World Congress 2022 Exclusive: Telcos and Digital Identity Cyber ​​Risks

Prior to Mobile World Congress 2022, Constella Intelligence conducted additional research and developed new findings by analyzing corporate credential breaches, exposures and leaks of employees and executives of the top twenty telecommunications companies listed on the Fortune Global 500 list. This new report, which presents data analyzed from January 2018 to September 2021, focuses directly on the digital vulnerabilities that telecommunications companies have faced in recent years and provides insight into what s expect in the years to come.

Our research identified a total of 4,873 breaches and leaks and 5,561,409 exposed records related to employee credentials of the companies analyzed. These significant numbers highlight the impact the COVID-19 pandemic has had on business personnel and the growing risks of cyber threats across the globe.

Constella’s exclusive Mobile World Congress 2022 report: Telcos & Digital Identity Cyber ​​Risks, focuses specifically on the digital risks facing telecommunications companies across the globe. These digital risks stem from human, technological and data-centric vulnerabilities that hackers exploit to collect sensitive information and launch large-scale attacks against telecommunications companies and their customers. The report shares statistics and insights into the corporate credentials that constitute the exposed records and data breaches that have become so prevalent in today’s largely internet-dependent world.

As a company focused on digital risk protection, cyberintelligence and cybersecurity, working to analyze cybercrime across superficial, deep and dark networks, we recognize the importance of these growing numbers. Threat actors continue to exploit company employees and executives through data breaches and data harvesting, spotting their vulnerabilities and attacking companies where they are weakest. This report details the ongoing digital threats that telecommunications companies face and examines statistics on corporate credential exposures and leaks.

Key findings from the Telecom Exposures report include:

  • Constella has found over 5.6 million exposed records from 4.9,000 corporate credential breaches and leaks since 2018 across the world’s largest telecommunications companies. The number of exposed records exploded in 2021, representing 57% of the 5.6 million exposed records.
  • Exposure of Telco executives and their personal information is widespread – 43% of Telco executives have had their corporate credentials exposed in a breach or leak since 2018.
  • Telco employees are likely at risk by using company credentials on non-essential sites such as games, social media and others. 13% of breaches occurred on third-party domains classified as “gaming” and 4% on social media sites.
  • More than ⅔ (67%) of identified breaches and leaks include personally identifiable information and various attributes. Sensitive information, such as passwords and names, are common attributes among exposed records.

What can be done to protect employees and businesses?

It is imperative to ensure that proper security and password protocols are adhered to by all employees, regardless of where they work from. Threat actors aim to take advantage of the risks induced by the new hybrid and remote work models introduced into the workforce due to the COVID-19 pandemic.

The more websites a corporate email address is used on, the more likely it is that an employee’s information will be exposed. Careful use of corporate credentials can make a difference by limiting attack vectors that increase vulnerabilities for employees and their corporate networks.

Additionally, companies must be diligent in protecting those who have privileged access to corporate networks and critical infrastructure. Changing passwords frequently, not reusing passwords, limiting the sharing of personal information on public social platforms, applying custom privacy settings, and using multi-factor authentication are just some of the ways in which employees can protect their data. In addition, companies and their leaders should make it a priority to develop proactive and continuous monitoring programs to remain vigilant of exposed sensitive information and personal data circulating on the social, shallow, deep and dark web that can allow a wide range of cyber risks. .

Article written by Jonathan Nelson, digital intelligence specialist at Constella Intelligence

Learn more about your organization’s risk exposure

Executives and key employees like privileged IT staff and HR are the new attack vector for cybercriminals because they have front-line access to sensitive information that can lead to credential theft, taking account control and ransomware attack. Surprisingly, most organizations don’t recognize the need for employee protection – until it’s too late.Protection of Constella employeeshelps organizations quickly identify and remediate threats targeting thousands of key employees at scale with real-time monitoring and automatic early warnings when credentials have been exposed.

Read the full ‘Mobile World Congress 2022 Exclusive: Telcos and Digital Identity Cyber ​​Risks ‘Refer to learn more.

Try ourExposure Risk Toolto see if you, your business or your employees have been exposed – FREE.

The post office Mobile World Congress 2022 Exclusive: Telcos and Digital Identity Cyber ​​Risks appeared first on Constellation.

*** This is a syndicated blog from the Security Bloggers Network of Constellationwritten by Jonathan Nelson. Read the original post at: https://constellaintelligence.com/telco-exposures-report/