自治网络的预测性安全运营

PREDICTIVE SECURITYOPERATIONS FORAUTONOMOUSNETWORKS Michela Menting, Senior Research Director GEN AI ADOPTION INTELECOMMUNICATIONS CONTENTS A recent study on Generative Artificial Intelligence (Gen AI) perceptionsand usage in the telecommunications sector from ABI Research,commissioned by Microsoft and Nokia, surveyed 100 telco companiesaround the world. Gen AI Adoption inTelecommunications.......................1 Adversarial AI: An EmergentRisk in the Threat Landscape.........2 Focused on security operations specifically, the survey exposes levels ofArtificial Intelligence (AI) adoption in the telco environments, and shedslight on the challenges, priorities and opportunities that operators faceas they integrate nascent technologies, such as Gen AI, to aid in securingtheir networks. Notably, the appeal of Gen AI lies not only in its analyticalcapabilities but also in its potential to automate complex securityworkflows by reducing manual effort, and accelerating threat response,which ultimately improves operational efficiency. With over 65% ofrespondents already using or piloting Gen AI in their security operations,the sector is emerging as a front runner in leveraging automation throughAI to modernize and protect its infrastructure. The Telco Operator Advantage:Transforming Challengesinto Opportunities...........................4 Pushing Security to NewHeights: Intelligence,Contextualization & Resilience......7 Blueprint for TrustedGen AI Deployment..........................9 Gen AI Archetypes in Action:Pioneering Models.........................10 ADVERSARIAL AI: AN EMERGENTRISK IN THE THREAT LANDSCAPE The telecommunications sector is no stranger to cyberattacks, but alongside other sectors,migration toward more digital and cloud-native architectures is opening it up to anextended threat landscape. Increasingly, it has been facing a growing wave of damagingcyberattacks as operators migrate to the next cellular generation with 5G networks. Coordinated, experienced threat actors with evidently significant resources and grimdetermination are making short shrift of the emerging weaknesses and vulnerabilitiesof 5G networks. Operators have their work cut out for them: underpinning their criticalnature as the world’s primary connectivity supplier, they are busy bettering thattechnology and exploring new use cases. But they also need to learn the ropes of anew telco environment that now roots itself in software; and this is today the weakestexploitable link. “Endpoints arecommon targetsfor malware,ransomware, andphishing so wehave a fair amountof security toprotect it.”—VP Cybersecurity,Europe In late 2024, Salt Typhoon compromised major operators in North America and Europe,exploiting vulnerabilities in network edges and siphoning vast amounts of sensitivecommunications data. In parallel, groups like Charcoal Typhoon have successfullyweaponized AI, harnessing Large Language Models (LLMs) to finesse social engineeringefforts using automated reconnaissance and AI-generated malicious scripts, crafting evermore precisely targeted phishing campaigns. This latter trend has accelerated at lightning-speed, catching the world off-guard, not just inthe telco industry. Operators are too keenly aware of the pernicious threat to their criticalinfrastructure posed by the misuse of AI. Social engineering is the precursor to what willinevitably be much a more expanded use of adversarial AI, and today, such efforts aredeveloping the fastest. These concerns were reflected in the survey. Social engineering,alongside identity fraud and theft, were identified as the top two attack types worryingoperators, with respondents anticipating them becoming significantly more powerful withoffensive use of AI technologies.today, sucheffortsare developing the fastest. These concerns were reflected in thesurvey. Social engineering, alongsideidentity fraud and theft,were identified as thetop two attack typesworrying operators, with respondentsanticipatingthembecoming significantly more powerfulwithoffensive use of AI technologies.Call out: “Endpoints are common targets for malware, ransomware, and phishing so wehave a fair amount of security to protect it.”VP Cybersecurity, Tier Three Operator, Social engineering is a lucrative battleground for threat actors with large telco operatorsboasting several hundred million subscribers, and for the top Tier One operators, thisgoes into the billions. AI can significantly increase the success rate of these types ofattacks and, as a result, they are quickly becoming an indispensable tool for threatactors. Deepfakes, in particular, are proving particularly adept at creating hyper-realisticphishing campaigns, taking social engineering to the next level of human deception.Classified as Microsoft Confidential TELCOS AT THE FOREFRONTOF GEN AI ADOPTION Inevitably, telcos are now engaged in a precipitous race against threat actors on the AIfront. Adoption of Gen AI in telco security operations (