An insight from the ENISA Telecom Security Incident report: 5,106 million user hours lost each year

Feb 22, 2024

Security remains a paramount concern in telecommunications. As we delve into the depths of the Annual Report on Telecom Security Incidents 2021 in the EU, a comprehensive overview emerges, shedding light on key facets of security incidents, reporting frameworks, and trends shaping the industry.

UNDERSTANDING THE REPORTING FRAMEWORK

Telecom operators play a pivotal role in the reporting ecosystem, notifying significant security incidents to national authorities. These authorities, in turn, compile summaries and share them with the European Union Agency for Cybersecurity (ENISA). This collaborative framework ensures a structured approach to incident reporting and analysis, facilitating proactive measures to address emerging threats.

INSIGHTS AND KEY TAKEAWAYS

The report reveals significant trends and insights gleaned from security incidents in 2021. A standout observation was the staggering total of 5,106 million user hours lost over the year, a huge increase compared to 841 million user hours lost in 2020 as shown in the diagram below. Notably, while system failures accounted for 7% of this loss, an overwhelming majority—90%—was attributed to human errors, underscoring the critical importance of human factors in cybersecurity incidents. Moreover, incidents concerning confidentiality and authenticity garnered attention, with a significant increase reported for the first time. Malicious actions witnessed a doubling, underscoring the evolving tactics of threat actors. Conversely, there was a decrease in incidents attributed to third-party failures, indicating enhanced resilience in certain areas.

EXPLORING ROOT CAUSES AND IMPACT

Categories of root causes provide valuable insights into the underlying factors driving security incidents. System failures and human errors remain prevalent, underscoring the importance of robust infrastructure and training initiatives. Notably, incidents related to third-party failures witnessed a decline, signalling improvements in supply chain security. In terms of impact, user hours lost serve as a tangible metric, with human errors accounting for the majority, followed by system failures and malicious actions.

UNVEILING DETAILED CAUSES AND AFFECTED ASSETS

Delving deeper, the report dissects detailed causes and their implications. Hardware failures, software bugs, and faulty software changes/updates emerge as prominent contributors, highlighting the importance of rigorous testing and maintenance protocols. Mobile services emerge as the most affected, reflecting their central role in contemporary communication networks. Technical assets such as switches, routers, and mobile base stations/controllers bear the brunt of incidents, emphasising the need for robust safeguards at critical junctures.

DRAWING CONCLUSIONS AND LOOKING AHEAD

In conclusion, the report offers valuable insights and actionable recommendations to enhance telecom security resilience. It underscores the imperative for heightened vigilance in reporting incidents related to OTT services and anticipates a continued rise in incidents concerning confidentiality and authenticity. While the dominance of system failures persists, efforts to mitigate human errors and bolster supply chain security remain pivotal. Looking ahead, stakeholders must remain vigilant, fostering a culture of collaboration and innovation to safeguard against evolving threats.

FINAL THOUGHTS

The Annual Report on Telecom Security Incidents 2021 in the EU serves as a beacon, guiding stakeholders in navigating the complex terrain of cybersecurity. By illuminating trends, challenges, and opportunities, it empowers the industry to fortify its defences and adapt to emerging threats. As we embrace the digital future, collective vigilance and proactive measures will be indispensable in safeguarding the integrity and resilience of telecommunications networks across the European Union.

Security in telecommunications isn’t merely a technical concern; it’s the cornerstone of trust in our digital infrastructure. Every incident underscores the critical need for robust defences and proactive measures. As stewards of connectivity, we must prioritise security to uphold the integrity and resilience of our networks, ensuring they remain reliable foundations for society’s digital future.”

Technical Director Barend Gildenhuys

Download the full report here