Transcript practice
Regional Telecommunications
Workshop on FMRANS 2015
Presentation
ISSUES TO BE COVERED IN
THE DISCUSSION
Fraud management and Revenue Assurance
o Our Understanding of the subject matter
o The Practice
o Case studies
o Lessons
Cyber Security
o Our Understanding of the subject matter
o The Practice
o The environment
o Lessons Learnt
ISSUES TO BE COVERED IN
THE DISCUSSION Cont.…
Network Security
o Our Understanding of the subject matter
o The Practice
o Case studies
o Lessons
REVENUE ASSURANCE OUR
UNDERSTANDING
REVENUE ASSURANCE:Is the use of data quality and process improvement
methods to improve profits, revenues and cash
flows without influencing demand
KEY ISSUES
Use of data quality (Data gathering becomes an
issue)
Process Improvement (Value chain)
Aimed at improving profits, Revenue and Cash
flows
Without influencing Demand
TOOLS, HARDWARE AND
SOFTWARE CONFIGURATION
Fraud Management system.
• IPProbes connected to the IP network (near real-time)
• IProbes- connected to the SS7 for real-time monitoring of
PSTN (near-real-time)
o
o
o
Audit Analysis tools
ACL Analytics
IDEA Analytics
Excel platform for following up on trends and patterns.
FMS IN PRACTICE/ TOOLS, HARDWARE AND
SOFTWARE CONFIGURATION
Collision and Velocity Rules (To monitor time and space
inconsistences for the Wireless Voice network e.g.
CDMA)
Behaviour Analysis Rules- to monitor radical changes in
usage profile
Profile Rules to monitor “under the radar attacks” that
occur over time
Real-time Rules to monitor calls as they occur (e.g.
monitoring fast and furious frauds)
Multi-Service Rules (to monitor voice, ADSL on one
subscriber)
New Subscribers Rules- to monitor behaviour of new
clients
FRAUD INCIDENCES/ CASE STUDIES
CASE 1: HACKING OF CUSTOMER IPBX
With the development of technology clients regardless of
which service is engaged they are moving to IP-PBX.
IP based PBX have shown that they are vulnerable and
susceptible to hacking considering that they are on line.
As technology is adopted clients are not taking adopting
appropriate countermeasures with speed and this has resulted
in hacking taking place.
The attacks are then picked through everyday profiling
activities done for traffic directed to hot destinations.
The responsibility to ensure that last mile equipment
connected is safe and free from any cyber vulnerabilities rests
with clients who in most cases engage 3rd parties for
installations.
Fraud Reporting
There is a robust whistle blowing facility
rewarding up to $2500 for major proved issues;
There is a Revenue Assurance Unit continuously
profiling possible fraudulent activities;
There is a Forensic Services unit following up on
areas of high fraud risks; and
Periodic Internal Audit Reviews
REPORTING GOVERNANCE
All
incidents
investigated
are
then
communicated to the Board through the Audit
Committee of the board with clear action
plans.
RESPONSE
Inbuilt risk management in the revenue
assurance field by;
Identify each system
What can go wrong/ how can the system be
manipulated
How do you deal with the risk/ possible risk/
opportunity.
You can then develop the rule in the system/
use other means to verify the existence of the
problem;
Come up with treatment strategies in
consultation with responsible person, then
Monitor and evaluate for effectives.
CYBER SECURITY OUR UNDERSTANDING
Cyber security refers to the technologies and processes
designed to protect computers, networks and data from
unauthorized access, vulnerabilities and attacks delivered
via the Internet by cyber criminals.
KEY ISSUES
Technologies designed to protect computers, networks
and data
Processes designed to protect computers, network and
data ;
Vulnerabilities and attacks delivered via the internet.
.
CYBER SECURITY- THE ENVIRONMENT
Over the past few months there has been an
increase in cyber attacks/ online hacking
locally and internationally.
Hackers typically steal an internet/ computer
user’s information for various reasons including
to commit fraud
In Zimbabwe, an average of 12 companies per
month are subject to some form of cyber
attack with the most common type of attack
being website defacements.
PRACTICE
The following approach has been adopted in dealing with
Cyber attacks : Form part to the national team formulating cyber
security policy and laws ( Draft stage)
Developed Cyber Security framework and Cyber
Security Response Plan.
Carry out vulnerability assessments to ensure corrective
action is taken.
Scan the international, Regional and National Cyber
attacks with a view to understanding the method of
operation. www.zone-h.org
Match method of operation to our own systems to
ensure proactive action is taken.
Awareness training to members of staff.
PRACTICE
NETWORK SECURITY ISSUES
Service uptime is affected by network
vandalism as a result of
Criminal elements
Damage by other operators as they
increase their network infrastructure.
COUNTER MEASURES
Have installed real time alarm systems on
vulnerable route;
Established armed security reaction teams;
Continue to engage our industry counter parts
on vandalism taking place during trenching;
Have intensified the reaction strategy with
high
prosecution
success
rate
taking
advantage of the newly enacted criminal law
amendment Act that has a mandatory
sentence of 10 years.
Carrying out awareness campaigns
Lessons
IP platforms have brought new threats to
operations for operators.
Fraud cuts across networks
As organisations we are moving slowly in
building capacity to deal with new and
emerging threats.
Thank You