Telecoms Security: How to help protect your business against toll fraud

Telecoms Security

Phone System Security Is A Rising Concern For Businesses As Toll Fraud Is On The Rise Again

Regardless of whether you have an analogue, digital or IP phone based system, without proper protection, it can take a hacker mere seconds to infiltrate your phone system and start causing havoc. We would never claim that we could make a phone system impregnable, but there are certain steps you can take that will help lessen the risk of a successful breach and improve telecoms security.

Phone system security is a serious concern for enterprise as these figures illustrate:

  • The UK is the 3rd most targeted country in the world
  • Toll Fraud is on the rise – up 15% per year
  • 85% of UK businesses are not safe from hacking
  • Average cost of a UK attack is estimated at £10,000.

We spoke with incovo Head of Technology, Ray Prunty, about some of the most effective security measures you can implement on your business phone system to help shore up your company’s defences and improve telecoms security.

1. Training

Firstly, it is vital that employees have all the necessary training to optimise the efficiency of the telephone system. Most cases of toll fraud are closely linked with the theft of authorisation codes and passwords. It is essential that your staff safeguard these to the best of their ability. The numbers should never be written down or programmed into auto diallers. If you have staff who travel outside of the office, they should also be aware that thieves can be watching or listening in to phone calls in order to find out the relevant numbers.

2. Control Phone Calls

Controlling your phone calls is a good way to enhance the security of your company. Most hackers will focus on making non-permitted long distance calls. You can place restrictions on this by eliminating or restricting unnecessary calls to other countries. This is ideal if you know the countries you do not do business with. You could also place limits on which of your workers are allowed to make such calls, or on the times at which calls can be made, as this could stop phone calls being made in the evening.

3. Be Aware Of Thieves’ Techniques

There are certain signals to look out for that will alert you to toll fraud. A growing number of thieves will try to deceive your workforce in order to gain access. For example, they could ring you on a local access number or 0800 service and ask to be continually transferred between personnel until they obtain an outside line. It is recommended that all of the following should be looked into: obscene phone calls, continuous hanging up of the phone, recurring incidents of asking for an invalid extension number, wrong numbers, callers asking who they have reached and silent calls that wait for you to hang up. All of these techniques have been used in the past by fraudsters and should raise alarm bells if they occur in your office.

4. Protect Your Passwords

Passwords are the easiest form of protection but there are several ways to make these more secure. The more characters you use the better. You should also avoid patterns in your system such as digits that follow in order or all of the same numbers. Do not use default passwords or access numbers as they are simple to crack. Keep away from making the password the same as the extension number or those which are related to the owner, such as an I.D. Room.

In line with this it is also advisable to frequently change the passwords. We would recommend doing this quarterly, as well as when anyone leaves the firm who had access to them.

5. Be Aware with Auto Attendant

Automated attendants are a vulnerable point and a common target on your telephone system, leaving it susceptible to fraud. Toll fraudsters will go from the automated attendant and dial the 90XX or 900 extensions. On several exchanges these numbers will connect them to outside lines. You can limit or block the capabilities of local dialling or long distance trunks in order to stop this. Block access codes such as 900XXX can be used in these circumstances.

6. Software Patches

Make sure that your phone and voice mail systems are up to date and have all current patches installed. Phone system manufacturers are releasing updates all the time to help battle toll fraud and improve telecoms security.

7. Unused Mailboxes & Phones

When a member of staff leaves, remember to disable or change their passwords. If you are operating SIP based phones then these are the easiest to hack so don’t leave them unplugged and always put complicated passwords on them.

8. After Hours Calls

Restrict outbound calling outside of your normal working hours. Typically most hacks originate from outside the UK, and as such the attackers operate in different timezones, which usually means more hacking attempts in the evenings. Similarly, in our experience, hacking attempts are more common at the weekend than during normal Monday to Friday working hours.

How incovo help their customers protect their system:

  • Conduct A Security Audit on your phone system
  • Disable International calls
  • Check your firewall configuration
  • Install call logging software with toll fraud alerts
  • Update your phone system’s software
  • Change your system’s passwords


About incovo

incovo is a communications technology integrator of category leading unified communications, infrastructure, integrated network solutions and document management solutions to small and mid-sized organisations throughout the UK. Our focus is creating dependable, cost effective business communications solutions for businesses that ensure a variety of methods of collaboration to meet the ever changing market conditions.

At incovo, we provide fast and effective support to all of our customers through our multichannel support network – allowing our customers to feel the benefits of compelling solutions that will enable their businesses to grow, tailored to their needs.

How to help prevent telephony fraud and improve your IP telephony security

Following our last article on the necessity for securing your IP network, we have put together a quick guide to help protect your VoIP network. Obviously, given that each system is different and equipment varies, the vulnerabilities will change from supplier to supplier, but there is a general set of guidelines that is still relevant regardless of manufacturer, which we will look at today and which will help improve your IP telephony security. It is important that the necessary precautions are put in place when installing a PBX/voice network, and that’s why it is always better to have it done by an experienced engineer who will be familiar with the many ways to secure a network. Failure to set up comprehensively can lead to costly vulnerabilities.

The cost of toll fraud – a stinging example

Toll fraud can be a very expensive business and without the necessary precautions could cause real problems for small businesses. For example, if an attack occurs over a long bank holiday weekend, beginning at 7pm on Friday evening and concluding at 8am the following Tuesday morning, this runs a total of 86 hours. The customer has a SIP trunk with 20 channels, which during the attack are used to dial a premium rate number constantly, at a cost of £3 per minute, per call. This would equate to £3600 per hour across all channels and comes in at a total cost for the entire duration of £309,600.

Preventative measures

As the old idiom states, prevention is preferable to the cure, so in real terms ensuring that the gateway to your network is amply safeguarded is an important first step. We have outlined a few of the main preventative measures that could help secure your network.

1. Securing Port 5060

If you have port 5060 open for remote SIP endpoints, the use of firewalls, SBCs or router ACLs is strongly recommended. Even better is to close 5060 and use a VPN to carry traffic between the remote endpoint and the PBX. Establish with your Internet telephony service provider (ITSP) which IP addresses need to be configured to access port 5060 and only allow those. If your ITSP supports NAT traversal, this is preferable to assigning a public IP address to a PBX. According to research noted by industry experts, successful SIP registration attacks commonly take place through routers with the SIP port forwarded to the PBX when it was not required.

2. Network Security/Access

If there is no requirement to access the PBX from outside your network, don’t allow it. Otherwise, block access to the PBX from all IP addresses except those that have a legitimate need for access. If you do need access to the PBX, consider the use of VPNs, ACL rules, firewalls etc. to secure yourself as much as possible. Scan the network for any potential vulnerability.

3. Physical Security

Consider the physical security of your internal voice LAN. Try and locate the PBX and switches in a secure area and think about preventing access to this network by anything other than recognised endpoints. VLANs are another good way to prevent casual access to your voice LAN.

4. Inbound Rules

In the event that you have provisioned all your DDIs onto the PBX but you are not using them all then instead of using an Auto Attendant, simply end the call thus reducing the number of routes into your PBX. This way any unauthorised attempts to access the voicemail segment are limited.

5. Administrative control and passwording

It is important to ensure that all passwords are secure and not default passwords, especially for administrators. Similarly, when setting up the phone system it is unwise to have extension passwords the same as the extension itself. Furthermore, it is important to ensure that system extensions such as fax servers or conference rooms are strongly passworded too.

6. Voicemail

Traditionally, most phone systems allow for passwords, and these typically take the form of 4 digit combinations, so it is important that the most common forms of passwords are not used i.e. 1234. Where at all possible, limit remote voicemail access as this is particularly susceptible to attacks known as ‘phreaking’. Of course, due to its popularity, it may be required, in which case you should look to outgoing rules/call barring to limit exposure.

7. Restrict the dialling of expensive numbers

If you have the option, place system restrictions such as Class of Service or Toll Restrictions, which restrict calls to certain numbers. These are not always available, in which case a dial plan is advisable. Creating rules such as only allowing calls to 01 or 02 numbers and prohibiting 09 numbers would be a good start.

8. Restricted to office hours

By and large, the majority of calls will be made within traditional working hours, or at least the company’s hours, so it would be advisable to make restrictions where necessary. By all accounts, the majority of fraud occurs during office hours so any means of limiting this would be prudent.
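The dial-plan rule from section 7 and the time restriction from section 8 can be checked together against call records. The following is an added example, not incovo's or any PBX vendor's code: the office hours, the record layout and the sample numbers are assumptions constructed for illustration, and numbers are normalised first so that a premium-rate number dialled in +44 form is still caught.

```python
from datetime import datetime, time

# Assumed policy values for this example: Mon-Fri 08:00-18:00 office hours.
OPEN, CLOSE = time(8, 0), time(18, 0)
ALLOWED_PREFIXES = ("01", "02")  # allow rule suggested in the article
BLOCKED_PREFIXES = ("09",)       # prohibition suggested in the article

def normalise(dialled):
    """Drop separators and fold +44 / 0044 into national form (leading 0)."""
    digits = "".join(c for c in dialled if c.isdigit() or c == "+")
    for intl in ("+44", "0044"):
        if digits.startswith(intl):
            return "0" + digits[len(intl):]
    return digits

def check_call(dialled, when):
    """Return 'allow' or 'deny: <reason>' for one outbound call attempt."""
    number = normalise(dialled)
    if number.startswith(BLOCKED_PREFIXES):
        return "deny: premium-rate prefix"
    if not number.startswith(ALLOWED_PREFIXES):
        return "deny: not on allow list"
    if when.weekday() >= 5 or not (OPEN <= when.time() < CLOSE):
        return "deny: outside office hours"
    return "allow"

# Constructed call records: (extension, dialled number, start time).
SAMPLE_CDRS = [
    ("201", "0131 496 0000", "2024-03-01 10:15"),      # Friday, geographic
    ("201", "0909 879 0000", "2024-03-01 10:20"),      # premium rate
    ("305", "+44 909 879 0000", "2024-03-02 02:10"),   # premium rate via +44
    ("305", "0141 496 0000", "2024-03-02 23:30"),      # Saturday night
    ("118", "00 1 212 555 0100", "2024-03-04 09:00"),  # international
]

def audit(cdrs):
    """Return (extension, dialled, verdict) for each call the policy denies."""
    denied = []
    for ext, dialled, ts in cdrs:
        verdict = check_call(dialled, datetime.strptime(ts, "%Y-%m-%d %H:%M"))
        if verdict != "allow":
            denied.append((ext, dialled, verdict))
    return denied

if __name__ == "__main__":
    for row in audit(SAMPLE_CDRS):
        print(row)
```

Run over exported call logs, the same check doubles as a simple toll fraud alert for calls that a dial plan should have refused.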

9. System/Default extensions

System extensions are a product of the PBX installation process and typically produce standard or default numbers which hackers are well aware of. In order to restrict this, it is advised that these extensions are covered by strong passwords or that the extension numbers are changed from the default to customised ones.

10. Anti-hacking & IP Blacklist

Of course, with the newer PBXs it is commonplace to see anti-hacking features as standard, ranging from prohibiting the use of extensions outside the LAN to features such as failed authentication protection. Repeated failed attempts can be set to be registered to an IP blacklist.

Applying as many of these measures and protocols as possible will help shore up your IP telephony network security but, as advised in the article, it is always preferable to have an experienced engineer do it to help avoid common pitfalls that attackers look to exploit. If you would like some advice or a free consultation from one of incovo’s telephone engineers then feel free to contact us today.
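The failed authentication protection described in section 10 comes down to counting failures per source address inside a time window. The sketch below is an added example, not a vendor's implementation: the log layout, the threshold of five failures per minute and the addresses are constructed assumptions, and it expects log lines in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds and a constructed log layout; real PBX logs vary by vendor.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=1)
LINE = re.compile(r"^(\S+ \S+) REGISTER (failed|ok) ext=(\d+) src=(\S+)$")

def build_blacklist(lines):
    """Map each source IP to the time it hit MAX_FAILURES within WINDOW."""
    recent = defaultdict(deque)  # source IP -> timestamps of recent failures
    blacklist = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m.group(2) != "failed" or m.group(4) in blacklist:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        q = recent[m.group(4)]
        q.append(ts)
        while ts - q[0] > WINDOW:  # forget failures older than the window
            q.popleft()
        if len(q) >= MAX_FAILURES:
            blacklist[m.group(4)] = ts
    return blacklist

def sample_log():
    """Constructed registration log: one burst, one slow source, one typo."""
    t0 = datetime(2024, 3, 2, 2, 0, 0)
    rows = [(t0 + timedelta(seconds=5 * i), "failed", 100 + i, "198.51.100.23")
            for i in range(6)]                       # extension guessing burst
    rows += [(t0 + timedelta(minutes=3 * i), "failed", 201, "203.0.113.7")
             for i in range(5)]                      # spread out, never 5/min
    rows += [(t0 + timedelta(seconds=s), st, 305, "192.0.2.10")
             for s, st in ((10, "failed"), (20, "failed"), (30, "ok"))]
    rows.sort(key=lambda r: r[0])
    return [f"{t:%Y-%m-%d %H:%M:%S} REGISTER {st} ext={e} src={ip}"
            for t, st, e, ip in rows]

if __name__ == "__main__":
    for ip, when in build_blacklist(sample_log()).items():
        print(f"blacklist {ip} at {when}")
```

Only the burst source is listed; the user who mistypes a password twice and the slow source stay below the threshold, which shows why the window length matters as much as the failure count.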

About incovo

incovo provides a range of ICT solutions, services and technologies to clients of all sizes across the central belt of Scotland, covering Edinburgh, Glasgow and neighbouring areas. We particularly specialise in small to mid-sized (SME) business solutions. We specialise in the installation and maintenance of business telephone systems and multifunctional devices tailored to suit the size and needs of your organisation. Our engineers are highly skilled and qualified in systems provided by global leaders including Avaya, Siemens, Konica Minolta and Microsoft.