The European Union Agency for Cybersecurity (ENISA) has published fresh data on 1,100 “cybersecurity” incidents across the EU’s telcos and “trust services” (certificate authorities/electronic ID services).
This came in an update to its “CIRAS” tool, which contains anonymised data submitted to national regulators across the EU.
Telco Outages: Hardware Failures are Rife
Despite ostensibly focussing on security, the data shows that most incidents were accidental outages; in turn largely (21 percent and 20 percent respectively) blamed on hardware failures and power cuts.
Drilling down a little more, and the most incident-prone hardware was deemed to be switches and routers.
(Many telcos are early on in the move towards virtualised platforms, and creaking legacy tech stacks are common. The shift towards a world of physical functions running as software – as VMs over general-purpose servers, including in the cloud — is an ongoing one in the telco space.)
Across the telco sector, ENISA tracked a total of 153 incidents in 2019.
Analysing telecom security incidents ENISA notes that: “Over the last 4 years, the most common root cause of telecom security incidents is system failures (412 out of 637 incidents). The second most common root cause is human errors with nearly a fifth of total incidents (19%, 119 incidents in total).
“Natural phenomena are the third root cause with 11% while only 4% of the incidents are categorized as malicious actions.”
Trust Service Providers
The cyber agency has also compiled a report on “security” incidents within the digital certificates and electronic signature industry.
Again, the last four years of trust services security incident reporting highlights that the common issues is system failures, while a fifth of the reported incidents were attributed to human error.
Trust Service Providers DataThe European Union Agency for Cybersecurity is based in Athens and Crete and is one of the EU’s smallest, with an annual budget of approximately £9.7 million.
It is currently tasked with training EU member states in preventative and cybersecurity response methods.