Sign up for our newsletter
Technology / Cybersecurity

New EU Data on Telco “Security” Issues Shows… Switchgear Failures and Power Outages

The European Union Agency for Cybersecurity (ENISA) has published fresh data on 1,100 “cybersecurity” incidents across the EU’s telcos and “trust services” (certificate authorities/electronic ID services).

This came in an update to its “CIRAS” tool, which contains anonymised data submitted to national regulators across the EU.

Telco Outages: Hardware Failures are Rife

Despite ostensibly focussing on security, the data shows that most incidents were accidental outages; in turn largely (21 percent and 20 percent respectively) blamed on hardware failures and power cuts.

Drilling down a little more, and the most incident-prone hardware was deemed to be switches and routers.

White papers from our partners

(Many telcos are early on in the move towards virtualised platforms, and creaking legacy tech stacks are common. The shift towards a world of physical functions running as software – as VMs over general-purpose servers, including in the cloud — is an ongoing one in the telco space.)

Across the telco sector, ENISA tracked a total of 153 incidents in 2019.

Analysing telecom security incidents ENISA notes that: “Over the last 4 years, the most common root cause of telecom security incidents is system failures (412 out of 637 incidents). The second most common root cause is human errors with nearly a fifth of total incidents (19%, 119 incidents in total).

“Natural phenomena are the third root cause with 11% while only 4% of the incidents are categorized as malicious actions.”

CIRAS tool

Telecom data

Trust Service Providers

The cyber agency has also compiled a report on “security” incidents within the digital certificates and electronic signature industry.

Again, the last four years of trust services security incident reporting highlights that the common issues is system failures, while a fifth of the reported incidents were attributed to human error.

CIRAS tool

Trust Service Providers DataThe European Union Agency for Cybersecurity is based in Athens and Crete and is one of the EU’s smallest, with an annual budget of approximately £9.7 million.

It is currently tasked with training EU member states in preventative and cybersecurity response methods.

See Also: IBM Blames “Third Party” for Global Cloud Outage

This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.