NETWORK SECURITY
How safe are your PBX installations?
The dark side of voice
Security threats that exploit the openness of an average business telephone system are a real danger and the financial losses can be huge. Here, channel consultant Paul Cunningham discusses these threats and highlights the market opportunity for selling products that force phone hackers to hang up.
Last month Romanian authorities dismantled a cybercrime network blamed for causing more than 11 million euros in losses to firms in the US, UK, South Africa, Italy and Romania. Police arrested 42 people, and several computers and hard disks were seized. Ring members were accused of stealing confidential VoIP data and using it to make thousands of calls to surcharged numbers abroad, which allowed them to get bonuses for every call. It is not just the enterprise user that is targeted on the assumption that toll fraud can be ‘hidden in the margins’ of high call levels and expenses. A charity in North Wales was recently hit to the tune of £4,000 in telecoms charges over the course of a single weekend. It is often the organisations least prepared and least able to cover the cost that are the victims.
Despite significant traditional data network security investments in firewalls and related technologies, all data and telecom resources can be compromised via unprotected phone lines. Every PBX, whether IP or TDM, has a typically unsecured connection to the public network via a gateway, and this is compounded by the sheer range of threats emerging – some highly intentional as the result of organised crime, others incidental to the proliferation of connected devices and systems. Next we take a close look at the threats and where they come from:
Telephone Denial of Service (TDOS) Attacks
Easily-accessible, low-cost VoIP tools can launch massive simultaneous, computer-generated IP calls with serious security and operational implications for the enterprise. Although these calls often originate as auto-generated IP calls, they can touch any TDM or SIP-based system. Some TDOS activities are annoying and disruptive, such as voice spam experienced during normal business hours. More threatening examples include brute force TDOS attacks aimed at crippling voice services, IVR systems, or other resources in order to disrupt normal business operations and revenues. Perhaps the most insidious forms of TDOS attacks are those coordinated with other activities to steal money and information.
The FBI issued an urgent warning on May 11th 2010 noting a surge in TDOS-related schemes to help steal money from US bank accounts. During these integrated attacks, the TDOS component is used as a diversion to help perpetrators complete the fraud. One specific example attack occurs when a fraudster succeeds in disrupting access to a company’s phone system. The most common TDOS attack is carried out in two parallel moves. Cyber thieves obtain account information and then contact institutions, changing information such as phone numbers, email addresses or even bank account numbers so they can later transfer money or empty the accounts. At the same time, they flood the business’ phone lines with spam calls in order to block verification calls coming in from the banks and other institutions.
Since these calls cannot get through, and since victims don’t realise that something suspicious is going on (they think they are experiencing a glitch with their telco), the attack goes undetected and is subsequently successful. As a result, bank, online trading and money management accounts are pillaged. In October last year the Wall Street Journal reported that two New York investment banks were taken for $70 million-plus in just such an attack.
Toll fraud
Businesses large and small are increasingly being hit with unusually large bills that can’t be explained by their normal business calling patterns. Toll fraud involves theft of private long distance service by an outside party, who often resells access to other consumers. Beyond simple toll fraud, newer manifestations of voice fraud threats targeting the enterprise are also emerging. A new breed of phone-based social engineering attacks is placing corporations and their customers at increasing risk of identity theft and financial damage. Most people are familiar with email-based phishing schemes, whereby criminals attempt to acquire personal information such as usernames, passwords and credit card account information by representing themselves as trusted entities. Many corporations, especially financial, insurance, retail and healthcare organisations, are becoming victims of these attacks conducted over the phone.
Continued on page 45
38 COMMS DEALER JANUARY 2011
www.comms-dealer.com