3 ways to protect your organization from identity-based cyber attacks

The telecommunications sector is uniquely vulnerable to identity-based cyber attacks

The telecommunications sector is uniquely vulnerable to identity-based cyber attacks Image: Kirill Sh for Unsplash

Jonathan Nelson
Director, Risk Intelligence, Constella Intelligence
Alejandro Romero
Chief Operations Officer, Constella Intelligence
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


This article is part of: Centre for Cybersecurity

Listen to the article

  • Both individuals and companies are facing an increased risk of cyber attacks that exploit identity-based data.
  • Organizations must have a strategy for dealing with the exploitation of personal data of customers and employees.
  • They should detect threats early, adhere to regulations and prepare for regulatory changes.

The pandemic has accelerated progress towards remote working and digitization. With so much more personal information now online, companies, institutions, infrastructure and even democracies are being maliciously targeted by actors wishing to exploit it. Industries responsible for the administration and deployment of critical infrastructure – energy, telecommunications, healthcare, transportation and finance, to name a few – are particularly vulnerable.

The telecommunications (telco) sector, for example, deals with large volumes of sensitive data. During the pandemic, people all over the world relied on this technology to collaborate remotely. This has made the sector uniquely vulnerable to cyber attacks that target and exploit personal information for data, system or network access, or for financial rewards. We call these 'identity-based threats.'

Have you read?

Identity-based cyber attacks can come in many forms, like phishing, credential stuffing, impersonation and fraud. A case study from Deloitte revealed that government agencies continue to breach international telecommunications systems to establish covert surveillance on various communication channels, including phone lines, online chat platforms and mobile phone conversations. There was even one case in which a cyber attack from one nation blocked another nation's leaders from using their mobile devices.

In the case of telecommunications, the prevalence of exposed identity-based data linked to major companies is especially severe. Constella Intelligence’s most recent Telco Sector Exposure Report identified nearly 4,900 total breaches and leakages and more than 5.6 million records exposed from the 20 top telecommunications companies between January 2018 and September 2021. Much of this personal data – including names, addresses, social security numbers, bank routing details or medical data – is available in dark web forums, where it can be purchased and subsequently used for criminal purposes.

Constella’s 2022 Telco Sector Exposures Report details widespread exposures across the sector
Constella’s 2022 Telco Sector Exposures Report details widespread exposures across the sector Image: Constella

Dealing with identity-based cyber attacks

Organizations must have plans in place to deal with attempts to target and exploit the personal data and identities of customers and employees. They must commit adequate resources to manage the converging digital and physical risks of identity-based cyber attacks, as almost 50% of security leaders report an increase in physical security threats and incidents at their company over the last year.

Here are three steps organizations can take to protect themselves and their customers.

1. Early threat detection

Risks are best mitigated through early detection practices. Geographic proximity is no longer an adequate measure of risk, as identity-based cyber attacks and scams can be launched from anywhere in the world. In September 2022, The Australian Media and Communications Authority levelled nearly $200,000 in fines for failures to run comprehensive identity checks when transferring mobile phone number data, resulting in compromised email and banking accounts and other fraud-related issues for some customers.

China is also making staunch efforts to curb telecommunications-related cybercriminal activity, closing 594,000 fraud cases in just 15 months. National authorities determined that scammers typically work in groups and follow strategically worded scripts to develop relations with unsuspecting targets through online chat programs. The incentives that drive criminal chains across the globe indicate an urgent need for continuous, proactive threat monitoring and detection across the mainstream internet and dark web to protect identities and organizations.

2. Proactive and thorough regulatory adherence

If companies do not proactively protect their customers' and employees' identity-based data, they will likely be exposed to severe legal and financial penalties. To understand the potential ramifications, look no further than the US Security and Exchange Commission’s recent fines against top companies for failing to safeguard proprietary data and customer identities.

These cases can teach other organizations how to successfully navigate new governmental requirements and implement more robust threat intelligence programs before it is too late. This means that board-level and senior leadership must be involved in crucial security- and privacy-related considerations. Key preventative steps include continuously updating a robust response plan, adequately surveilling the production and transfer of sensitive data and implementing tailored security programming for companies of all sizes and needs.


How is the Forum tackling global cybersecurity challenges?

3. Preparing for regulatory changes

Companies must be prepared for changes in regulations around data management. Best practices include short-term and long-term preparatory actions, including cross-functional teamwork, proactive evaluation of cybersecurity capabilities and identification of technological gaps.

Although the telecommunications sector exemplifies the major risks related to identity-based data, it is not alone. Critical infrastructure organizations in energy, pharma, financial services, transportation and others are facing similar challenges. Regulators and policy-makers are more aggressively focusing on threats targeting customer and employee identities - for most companies and industries, this means increased oversight and multi-layered costs. Critical sectors must place identity-driven risk mitigation at the forefront of their cybersecurity efforts to best handle this new reality of evolving cyber attacks and increasing regulatory oversight.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
CybersecurityGlobal Risks
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

FBI takes down army of ‘zombie’ computers. Here what to know

David Elliott

June 19, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum