clients / case studies / businesses
Millicom International Cellular S.A.
To analyze and to implement the best methods of security against billing fraud
A network and systems audit by Ephibian's qualified experts, followed by implementation including intrusion detection and the creation of a web-based monitoring application
IntroductionMIC provides cell phone service to almost 6 million subscribers in 16 markets across Asia, Latin America and Africa. Concerned about high-level turnover and possible billing fraud in their Tanzania operations, MIC needed to carry out an analysis of their operations to determine firstly, if there was any audit anomalies and secondly, if there were, how these could be addressed.
MIC engaged Ephibian to perform an extensive security audit that included both network and systems security, and to address the outcome of the audit through implementation of countermeasures. The operating environment includes a combination of Windows and Sun Solaris systems.
What did we do?
- Audited and analyzed the current states of the network and systems security to gain a true picture of the existing security posture
- We provided a written analysis with actionable items to improve the overall network and systems security posture
- Our engineers deployed a network intrusion detection system in front of MIC’s internal billing server
- We developed a customized, web-based application monitoring tool so MIC staff could monitor billing server network activity
- Both the network intrusion detection system and the web application were configured to alert high-level management of suspicious activity within the local network and billing application environment
How did we do it?
- One of Ephibian’s ISC2-Certified Information Systems Security Professionals (CISSP) and Ephibian’s Cisco Certified Network Associates (CCNA) analyzed MIC’s operations in Tanzania to perform network and systems vulnerability scans and penetration analyses and review the structure of the operational network and applications’ design
- Ephibian engineers monitored MIC traffic to analyze and evaluate traffic patterns and risk conditions
- MIC’s local network routers (Cisco) and firewall (Cisco PIX) configurations were examined and evaluated including review of IOS levels, access lists and specific configuration rules
- Remote threats to the servers were assessed through known vulnerabilities such as buffer overflows as well as through security issues introduced through mis-configuration. All open ports were scanned to learn their purpose, and removed if they were unnecessary or strengthened of they were needed.
- Evaluation tools included vulnerability scanning tools and protocol analyzers.
What was the result?
- Several threats were identified and countermeasures implemented
- Management had much better visibility if/when suspicious activity occurs
- MIC, realizing the value, has retained Ephibian to perform similar analyses in several of their other high-risk operations around the world