Secure your Voice over IP (VoIP)
-
Upload
techso -
Category
Technology
-
view
220 -
download
0
Transcript of Secure your Voice over IP (VoIP)
Secure your Voice over IP
(VoIP)
Risks and SolutionsMarch 2016
Next
Though most people are often unaware of such hacking, ‘phreaking’ (e.g. phone hacking) is a real curse. Businesses have no choice but
to protect themselves against this type of attacks.
Recently, phone scams tend to be decreasing but they still, on a global scale, generate
financial damages up to several billions US dollars per year (1).
Every business having phone lines and providing internal VoIP services to its users can be the
target of cyber attacks. These attacks can cause financial losses of several tens of thousands of
dollars (2). Most of the time, unsustainable losses.
On top of the financial damage, these attacks can also cause a break down of the phone system, making businesses unreachable for a certain amount of time. This can have huge economic
impacts on business.
2
Secure Solutions for SMBs
01
02
03
04(1) http://cfca.org/pdf/survey/2015_CFCA_Global_Fraud_Loss_Survey_Press_Release.pdf
(2) http://www.nytimes.com/2014/10/20/technology/dial-and-redial-phone-hackers-stealing-bill ions -.html?_r=0
3
0
11,75
23,5
35,25
4746
38
Global phone frauds in billions of $US (1)
2013 2015
Secure Solutions for SMBs
4
Principles of Telephone Hacking
Hackers fraudulently penetrate phone systems through
businesses’ network to make international calls.
01
02
03
04
These calls are rerouted and resold to (not very scrupulous)
operators who buy them at a very attractive price.
Most of the time, attacks happen when businesses are closed;
during the night, week-ends, public holidays. Few hours are enough to
cause financial damages up to several tens of thousands of
dollars.
In addition to the financial fraud, phone hacking can have critical impacts such as identity theft,
interception of calls (listening to calls or voice mail), break down of
systems’ settings, etc.
5
3,93 3,53
3,533,14
2,55
5 types of frauds in billions of $US en 2015 (1)
PBX
IP PBX
Subscription Fraud (Application)
Dealer Fraud
Subscription Fraud (Identity)
Principles of Telephone Hacking
6
Typology of Most Frequent Attacks
Hacking users’ voicemails to set up call forwarding to an external number or even take remote control of the device.
The last type of hacking that appeared with new VoIP technology is simply to penetrate the business’ IT network, which is often paired with the VoIP network, through the Internet.
Hacking the admin interface of the phone system through different critical cracks to take remote control of the whole system.
Hackers are totally anonymous on the Internet, it is almost impossible to
retrace them.
Hackers are professionals using only an Internet connection or one of your phone
numbers to get into your system.
Types of most frequent attacksWho are the hackers?
In all cases, cracks are often the same: poor passwords, and poor (or not) secured reachable IT
network (from the Internet).
7
5 Good Practices to Start Protecting your
Business
Secure your equipment: limit the access of your VoIP
system to authorized person only. Store it in a locked place.
Master your infrastructure: every business has its own way of
managing its IT network. Be aware of the persons who get connected
to your network, identify the connection’s sources (wall plugs,
Wi-Fi, VPN, Firewall, etc.) and make sure your IT policies are clear and
well known by your employees.
Allow calls only to countries you deal with. Good practices suggest blocking every country (set by default) and authorizing only those necessary. Once again, prefer a VoIP provider who allows a granularity on the countries of destination.
Keep an eye on your telephone bills frequently: some frauds may go through at first sight but can represent a huge amount the next months.
Add financial limits: a good VoIP provider will allow you to fix monetary limits for individual and international calls. Search for these providers.
8
… and Ask Us for our Expertise in:
Audit vulnerabilities of your on-site & remote phone installation through efficient & reputed tools.
Auditing Security Firewall Monitoring AssistanceCompletely secure your business network by putting in placeadvanced security policies & secured connections (VPN).
Set up a Session Border Controller (SBC) guaranteeing your network’s security & integrity.
Monitor your setup's alerts to allow better reactivity incase of large-scale attacks (DDOS).
Help you with your need to upgrade your infrastructure to keep it lasting.
9
Hacking traffic rejected
Trusted traffic authorized
NETWORKFILTERINGINTERNET
Securing with a Session Border
Controller
Put the odds in your favour:
choose Techso and enjoy peace of
mind!
Web site: techso.caContact Us: (514) 312-1399
END