PDF of this tutorialLow customer loyalty in a highly competitive market environment demands service providers to constantly diversify their service portfolios by dynamically adding new services, upgrading service levels and increasing service flexibility. An unprotected network subjected to recurring attacks will inevitably suffer violation of these services. It will also be exposed to the risk of customer churn due to unavailable services and network downtime. The realization that strangers have invaded and abused services and accounts belonging to paying subscribers, combined with public knowledge that severe security breaches were discovered only after subscribers had received their bill and found many unexplained transactions, contribute to bad public image and an ongoing failure to attract customers.
Customer requirements for the latest devices, mechanisms, and applications—widely purchased in order to enable effective competition and vendor business considerations, arising from the attempt to release their products within time-to-market constraints—result in a situation where many technologies are deployed before they have fully matured. As such, many products do not guarantee a secured operation, nor can they assure protection of network resources in any way.
Many fraudulent incidents remain unreported because most operators and service providers prefer to maintain a low profile when it comes to deficient network security. This could bring bad publicity, intimidate investors and other collaborators, or incite subscriber demands for a better, more secure service—entailing costly adaptation and re-enforcement of existing security measures in an effort to regain satisfaction and trust. As result, methods of attack used on one network may not be brought to the attention of all operators and service providers; enabling the same method to be used several times before it is collectively recognized and dealt with through reconfiguration of security devices. Certain fraudulent incidents involving unauthorized access to subscriber details and privileges may result in legal prosecution and liability for damages—once again at the expense of good business, revenue, and public image.
