Latvian mobile operator invites cyber attackers to have a go

Security researchers wanting to test the kind of malware that could break public networks now have a place to do so in safety

Credit: Peter Sayer/IDG

Mobile telecommunications services in Latvia, a small republic on the frontier between the European Union and the old Soviet Union, may already have been the target of a cyber attack in August 2017.

Now Latvijas Mobilais Telefons (LMT), the country's largest mobile operator, is inviting would-be belligerents to test their cyber weapons on its network -- or rather, on a simulation of it, called the Mobile Cyber Range.

The range was used by NATO's Cooperative Cyber Defense Centre of Excellence as part of Exercise Crossed Swords in February 2018. Crossed Swords is the training ground for the "red team" that simulates attacks on NATO cyber infrastructure in another NATO exercise, Locked Shields.

Like a traditional shooting range, LMT's Mobile Cyber Range is a place to test-fire weapons, in this case malware intended to interfere with carriers' wireless networks or the mobile devices that connect to them, without anyone in the real world getting hurt, according to Armands Meirans, a B2B Solutions Manager at LMT.

lmt tower mwc 2018 Peter Sayer/IDG

That's a work of art, not a gun turret, on top of the booth Latvijas Mobilais Telefons (LMT) used to promote its Mobile Cyber Range at Mobile World Congress in February 2018. The top of the tower rotates as people sitting inside it listen to traditional Latvian chants in the round.

Security researchers wanting to study or test malware targeting PCs have it relatively easy: They can spin up a virtual machine to run the malware, spoofing incoming and outgoing internet connections to see how it behaves.

To some extent they can do the same with malicious mobile apps, installing them on a phone in airplane mode or connected to an isolated wireless hotspot to see what happens.

When it comes to malware designed to communicate over the mobile network -- or, worse, to attack the mobile network itself, things are more complicated. If even well-intentioned security researchers let such software loose on a live network, they would be likely to provoke the ire of mobile network operators or attract unwelcome attention from law enforcers.

LMT is offering its Mobile Cyber Range as an answer to that problem.

“We provide a mobile network environment not connected to the public network, so a company wanting to test things can do so without worrying they will impact the public network,” Meirans said.

LMT can simulate everything from core network infrastructure elements through wireless transmitters to the SIM cards in mobile devices. Initially, the simulations focus on systems from Nokia, LMT’s own equipment provider, but the company plans to expand it to encompass other vendors’ equipment.

Setting up a simulation of an operator’s entire mobile network is a little more complex than spinning up a virtual machine pretending to be a PC or server, as it can also involve specialist hardware to simulate radio network elements.

It can take anything from a few weeks to set things up for a scenario that has already been used to somewhere between three and six months to build a new scenario to order.

Some of that time goes on establishing the bona fides of the client, said Meirans; LMT isn’t in the business of helping bad actors to rehearse their performance.

Join the newsletter!

Error: Please check your email address.

More about IDGNATONokiaUnion

Show Comments