Cyber Security

Group-IB Helps INTERPOL-led Africa Cyber Surge II Operation Leading to Arrests of 14 Suspects

Group-IB has made a key contribution to the INTERPOL-led Africa Cyber Surge II operation, a major joint initiative between international and national law enforcement agencies and private sector cybersecurity companies to prevent, mitigate, and disrupt threat actors on the African continent. The Africa Cyber Surge II operation, which spanned 25 African countries, resulted in the arrests of 14 suspected cybercriminals and the identification of more than 20,000 suspicious cyber networks linked to financial losses in excess of $40 million.

The Africa Cyber Surge II operation was launched in April 2023 and was carried out with funding from the UK Foreign, Commonwealth and Development Office, the German Federal Foreign Office and the Council of Europe. This multinational, streamlined crime-fighting initiative brought together INTERPOL, AFRIPOL, Group-IB, and Uppsala Security to provide on-the-ground operational support and share actionable intelligence on cyber extortion, phishing, business email compromise, and online scams.

This intelligence was subsequently shared with national law enforcement agencies on the African continent, leading to the arrest of 14 suspects in countries such as Cameroon, Nigeria, and Mauritius, and the takedown of hundreds of malicious IP addresses and malware hosters. Additionally, the educational track of this operation saw parties share best practices on how to combat the surge in digital insecurity and growing cyber threats in the region.

At INTERPOL’s request, Group-IB, a long-standing private sector partner of INTERPOL, collected and shared more than 1,000 indicators related to malicious infrastructure across Africa, drawn from the company’s sector-leading Threat Intelligence. The data contained domains, URLs, and server IP addresses used in phishing and malware attacks. INTERPOL member countries in Africa leveraged this information in several takedown operations.

Africa Cyber Surge II also had knowledge sharing at its core. During operational activities held in Tanzania in June, Group-IB’s Deputy Head of APAC High-Tech Crime Investigation Department, Kristina Ivanova, shared expertise on techniques to tackle business email compromise scams, phishing and online fraud, and also contributed to a panel discussion on the importance of public-private sector partnerships in tackling cybercrime. Group-IB experts also assisted national law enforcement agencies on the African continent via a series of practical workshops dedicated to the analysis of real cybercrime cases.

“Group-IB is proud of its contribution to fighting against cybercrime in Africa, and we do this in order to protect organizations and citizens across the whole globe against cybercrime through our intelligence-driven technology and agile expertise,” Dmitry Volkov, CEO at Group-IB, said. “The Africa Cyber Surge II is yet another milestone with regard to cooperation between international law enforcement, national agencies, and private sector cybersecurity companies. Collaboration and intelligence sharing should be at the heart of cybersecurity operations, and Group-IB stands ready to make a further contribution to this end, in line with our core strategic mission of fighting against cybercrime in all its forms.”

“The Africa Cyber Surge II operation has led to the strengthening of cybercrime departments in member countries as well as the solidification of partnerships with crucial stakeholders, such as computer emergency response teams and Internet service providers. This will further contribute to reducing the global impact of cybercrime and protecting communities in the region,” said Jürgen Stock, INTERPOL Secretary General.

“As digital systems, Information Communication Technologies and Artificial Intelligence grow in prominence, it is urgent that public and private actors work hand in hand to prevent these technologies from being exploited by cybercriminals. Coordinated operations such as Cyber Surge are necessary to disrupt criminal networks and build individual, organizational and society-wide levels of protection,” said AFRIPOL’s Acting Executive Director, Ambassador Jalel Chelba.

This most recent initiative follows in the wake of the highly successful Africa Cyber Surge operation, launched in July 2022, which was aimed at identifying cybercriminals and compromised infrastructure in Africa. During this four-month operation, Group-IB provided key cyber threat intelligence that aided cooperation between INTERPOL’s Cybercrime Directorate, ISPA, AFRIPOL, and INTERPOL’s African member states. Some of the operation’s highlights included the arrest of 10 suspects linked to fraud and scams amounting to $800,000 in financial damages and the takedown of more than 200,000 pieces of malicious infrastructure.

Group-IB, which has a zero-tolerance policy to cybercrime, has been an official private sector partner of INTERPOL since 2017, and the company has participated in multiple crime-fighting initiatives on the African continent, including Falcon I and II, Delilah, and Lyrebird. In July 2023, Group-IB played a key role in the INTERPOL-led Operation Nervone, an initiative aimed at disrupting the activities of the notorious cybercriminal group dubbed OPERA1ER by Group-IB (also known as NXSMS, DESKTOP-Group, and Common Raven).

This joint operation, launched under the auspices of the African Joint Operation against Cybercrime (AFJOC) and the INTERPOL Support Programme for the African Union (ISPA), in conjunction with AFRIPOL, the Direction de L’information et des Traces Technologiques (DITT), Group-IB and the Orange CERT Coordination Center (Orange-CERT-CC), led to the arrest of a suspected leader of the cybercrime syndicate in Côte d’Ivoire.

Cyber Security

Regional Leaders Chart Course for Secure Telecom Networks at SAMENA Leaders Summit 2024

Huawei, in collaboration with the SAMENA Telecommunications Council and stc, hosted a critical roundtable discussion on cybersecurity at the recent SAMENA Leaders’ Summit 2024. Titled “Building Telecom Cyber Resilience to Protect Business in the Digital Era,” the session brought together leading telecom operators, cybersecurity experts, and decision-makers from regulatory bodies.

This second edition of Huawei’s Global Carrier CISO Roundtable Series, led by Mazen Al Ahmadi, General Manager of Cyber Defense at stc, featured distinguished guests and high-level speakers. Their discussions focused on boosting telecom cyber resilience and safeguarding the digital space in an increasingly interconnected world.

Cybersecurity: A Cornerstone of Digital Success
The roundtable highlighted the critical role of cybersecurity and privacy protection in the success of businesses operating in the ever-evolving digital landscape. With the rise of immersive digital experiences and ubiquitous intelligent applications, network capabilities are undergoing rapid transformation, driven by deep network-cloud-intelligence convergence.

Securing the Future of Telecom Networks
Experts addressed the importance of cyber resilience for innovative telecom operators. Discussions focused on current challenges posed by advanced technologies like 5G and 5G-Advanced (5G-A) networks integrated with cloud and AI capabilities. Speakers examined strategies, models, tools, and skill sets needed to build resilience, alongside the necessary support from regulatory authorities. Remedial actions to address these challenges were also explored.

Mazen Al Ahmadi, General Manager of Cyber Defense at stc, said, “In today’s rapidly evolving digital landscape, cybersecurity and privacy protection have emerged as paramount concerns for businesses across all sectors, particularly in the telecom industry. The potential for cyber threats and data breaches has grown exponentially as the world becomes increasingly interconnected and reliant on digital infrastructure. Recognising the critical importance of addressing these challenges, the roundtable was a vital platform for industry leaders, experts, and stakeholders to engage in meaningful discussions, share invaluable insights, and collaborate on strategies to fortify the telecom industry against the ever-present menace of cyber threats.”

Mohammed Alosaimi, Chief Security Officer at Huawei Saudi Arabia, reaffirmed Huawei’s commitment to reinforcing cybersecurity infrastructure, stating, “As an industry leader actively engaged in cybersecurity R&D and building a cybersecurity ecosystem in the region, Huawei remains steadfast in our collaboration with carriers and partners to strengthen the construction of digital infrastructure around the world, build a thriving ecosystem, and unleash the potential of the digital world securely.”

A Multifaceted Threat Landscape
Discussions explored the evolving cyber threat landscape, including cyber threats, vulnerabilities, insider threats, and supply chain risks. Experts also analysed the contrasting security challenges of legacy signalling systems (2G and 3G) compared to modern IP-based networks (4G & 5G).

Success Stories and Collaboration
Real-world examples took centre stage as speakers shared cybersecurity use cases that directly contribute to the success of telecom businesses. Recognising the importance of collective action, the session concluded with an interactive discussion focused on fostering collaboration between industry stakeholders. Participants explored ways to address existing and future cybersecurity challenges, enhance resilience across the telecom ecosystem, and ensure adherence to international standards such as GSMA NESAS, MCKB, and OIC-CERT recommendations.

Building on a Global Dialogue
This second edition of Huawei’s Global Carrier CISO Roundtable builds upon the momentum established at MWC2024. At that event, 50 carriers and industry organisations engaged in discussions on best practices and industry standards for safeguarding the digital world.

The SAMENA Leaders’ Summit 2024, held under the patronage of UAE’s Telecommunications and Digital Government Regulatory Authority (TDRA) and with global collaboration from ITU, served as a platform for this crucial dialogue. The summit, held on May 13th in Dubai under the theme “Evolving toward Integration, Intelligence & Sustainability in Infrastructure,” highlighted the importance of collaborative efforts in building a secure and sustainable digital future.

Cyber Security

Data Stealers Are Hunting for User Credentials, Says Kaspersky

Although the malware development market continues to flourish with new stealers such as Lumma, Redline has remained the dominant data-stealing malware used by cybercriminals for the last three years. More than half of all devices (55%) targeted by password-stealer attacks in 2023 were infected with the Redline malware, Kaspersky Digital Footprint Intelligence finds.

Infostealers infiltrate devices to illicitly obtain sensitive credentials such as logins and passwords, which are then peddled on the shadow market, posing significant cybersecurity threats to personal and corporate systems. According to information gleaned from log files traded or distributed freely on the dark web, Redline was used in 51% of infostealer infections from 2020 to 2023. Other notable malware families included Vidar (17%) and Raccoon (nearly 12%). In total, around 100 distinct infostealer types were identified by Kaspersky Digital Footprint Intelligence between 2020 and 2023 using metadata from log files.

The underground market for data-stealing malware development is expanding, evident from the rising popularity of new stealers. Between 2021 and 2023, the portion of infections caused by new stealers grew from 4% to 28%. Specifically, in 2023, the new “Lumma” stealer alone was responsible for more than 6% of all infections.

“Lumma emerged in 2022 and gained popularity in 2023, through a Malware-as-a-Service (MaaS) distribution model. This means any criminal, even those without advanced technical skills, can purchase a subscription for a pre-made malicious solution and use this stealer to carry out cyberattacks. Lumma is primarily designed for stealing credentials and other information from cryptocurrency wallets, commonly spread through email, YouTube, and Discord spam campaigns,” said Sergey Shcherbel, an expert at Kaspersky Digital Footprint Intelligence.

To guard against data-stealing malware, individuals are advised to use a comprehensive security solution for any device. This will help prevent infections and alert them to dangers, such as suspicious sites or phishing emails that can be an initial vector for infection. Companies can help their users, employees and partners protect themselves from the threat by proactively monitoring leaks and prompting users to change leaked passwords immediately.

Channel Talk

AmiViz Signs Up with Abstract Security

AmiViz has forged a partnership with Abstract Security, a cyber threat operations platform offering a revolutionary approach to security analytics that allows organisations to improve efficiency, reduce SIEM-related storage costs, and enhance detection and response capabilities across multi-cloud and on-premise environments. The Abstract platform disrupts traditional cybersecurity analytics with its innovative approach, challenging the limitations of conventional Security Analytics systems. Abstract Security offers a transformative cyber threat operations platform in an era marked by compliance-induced data swamps and redundant data storage.

“Engineered to streamline security analytics, it enhances detection and response capabilities across diverse IT environments, including multi-cloud and on-premise setups. By integrating tactical artificial intelligence (AI), Abstract empowers security analysts to decode complex cloud security data, improving detection strategies and filling visibility gaps. Pioneering initiatives like the decentralized edge computing platform and a one-click data lake further solidify Abstract Security’s position as a visionary player in cybersecurity,” the company said.

“The strategic expansion into Middle Eastern markets aligns with the region’s growing demand for advanced cybersecurity measures. With rapid digital transformation and increased cyber threats, the Middle East presents a significant opportunity for Abstract Security. Government investments in cybersecurity infrastructure and the adoption of IoT technologies amplify the demand for efficient, AI-driven security solutions,” the company added.

Ilyas Mohammed, COO at AmiViz, said, “Our partnership with Abstract Security heralds a new era in cybersecurity analytics. By leveraging their innovative solutions, we empower our clients with proactive threat management capabilities that surpass traditional systems. Together, we redefine industry standards, ensuring robust protection against evolving cyber threats and bolstering our position as leaders in the cybersecurity landscape.”

Richard Betts, Vice President of International Business at Abstract Security, commented on the strategic alliance, stating, “Our collaboration with AmiViz in the Middle East is more than a partnership; it’s a synergy of strengths. This venture not only amplifies our presence in a region but also marks a significant step in our journey to broaden Abstract Security’s international reach.”

The companies claimed that the solutions are tailored for large enterprises in critical sectors like finance, oil and gas, telecommunications, MSSP and government, to address unique cyber threats. Abstract Security said it aims to integrate its solutions in local markets deeply through a channel-focused distribution strategy, empowering channel partners and addressing evolving security needs. The company added that it has partnered with AmiViz to provide comprehensive support, including technical training, marketing assistance, and dedicated account management, further strengthening Abstract Security’s position in the GCC markets.

Abstract Security’s partnership with AmiViz allows Middle Eastern channel partners to revolutionize security analytics, transcending traditional SIEM systems and compliance burdens. Together, they set a new standard for cybersecurity analytics, paving the way for proactive and predictive security measures. This partnership aims to position the Middle East as a cybersecurity stronghold, contributing to its global leadership in cybersecurity.

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.