generic voice security issues

18
Voice Security A Presentation for Linkedin Friday, May 13, 2022 A General presentation By Jason Dewar © Context Information Security Limited / Commercial in confidence Voice edge security Friday, May 13, 2022

Upload: jasondewar

Post on 27-Jan-2015

119 views

Category:

Documents


0 download

DESCRIPTION

 

TRANSCRIPT

Page 1: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

A General presentation

By Jason Dewar

© Context Information Security Limited / Commercial in confidence

Voice edge security

Monday, April 10, 2023

Page 2: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Presented by:Jason Dewar

Enterprise Telephony Management

A Presentation for Linkedin 19th June 2008

Page 3: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Agenda

• Introduction to Context Information security• Voice security issues• Voice security solution• Contacts

Page 4: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Context Information Security• Founded 1998 as a one-stop-shop information security consultancy.• Serves mainly financial services sector and MoD

• Major voice security projects delivered for US Army Europe (USAREUR), US Air-Force Europe (USAFE), UK Govt departments, Bloomberg, Symantec, Asda etc..

• Penetration testing activities highlight the need for a solution to mitigate security issues associated with unauthorised and insecure voice services

• Unguarded IP access to the corporate network via modem usage is regularly raised as a critical security issue.

• Initiated contact with members of the Wheel Group, creators of NetRanger IDS product, who had formed SecureLogix, to investigate how to resolve voice security issues

• CIS has had direct input into development of the Enterprise Telephony Management system

Page 5: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Voice Network threats• Cross network attacks – LAN penetration through Voice lines.

• Authorised and unauthorised Modem backdoors into LAN.

• Attacks on voice system – Service theft / Toll fraud.• PBX, DISA, Voice mail…• Estimated $30 - $40 Billion annually in US (Source CFCA).

• Unauthorised ISP Connectivity – Insider theft.• Transfer of confidential information.• Upload / Download of restricted content.• Viruses.• Hacks.

• Line Misuse & Abuse. • Unauthorised calls and conversations.• Voice service Misuse & Abuse (E.G. International & premium rate calling).

Page 6: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Traditional IT Security

Blocked!

Alert!

Firewall

IDS

Router

Good News – Internet devices work reasonably well

Bad news – Modem usage can bypass these devices

Typical IT Network

Page 7: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Authorised Modem attacks

Alarm SystemsSprinkler Systems HVAC SystemsElevator SystemsRefinery ControlsPower Grid

Modem

Intruder

LAN

Servers

Central Office

Internet

Voicemail

PBXPSTN

Page 8: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Threats to Voice & DataUn-authorised Modem attacks

LAN

Servers

Modems

Central Office

Internet

PSTN

Blocked at the perimeter

WormsTrojans Viruses

Internet traffic blocked at the LAN perimeter can be re-routed using Modems

Page 9: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Threats to Voice & DataWar Dialling

War Dialing used to be the only way to find modems

In reality, war dialing discovers less than 25% of the problem

User leaves connection to ISP dialed in so when you war dial you get a busy signal

Discover the maintenance modems you already know exist

The user who was connected to his ISP all day has taken his laptop home so when you war dial all you find is the fax machine – which is entirely legitimate

War dial server ISP

PSTN

Page 10: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Voicemail

PBX

FAX

Servers

Modems

LAN

Central Office

Internet

PSTN

Intruder

Remote access to PBX can allow service disruption or Theft.

Threats to Voice & DataPBX Attack

Page 11: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

LAN

Voicemail

PBX

FAX

Servers

Modems

Central Office

Internet

PSTN

Intruder

Unauthorised services

Threats to Voice & Data Resource Hijacking

Page 12: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Communications Fraud“Communications Fraud is the use of Telecommunications products or

services with no intention of payment”

• Toll fraud costs an estimated $72 - $80 Billion globally (Source Communications Fraud Control Association (CFCA))

• These losses represent 4.5% of global telecom revenues• Fraud (value) has increased by 34% since 2005

• Top 5 locations for communications fraud:1. Cuba2. Philippines3. Lichtenstein4. India5. U.K

Cont…..

Page 13: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Communications Fraud• Top 3 communications fraud losses:

1. 29% (approx. $22Billion USD) – Subscription / Identity theft2. 20% (approx. $15 Billion USD) – Compromised PBX / Voicemail systems3. 6% (approx. $4.5 Billion USD) – Premium rate service fraud

It is important to recognise that communications fraud is not limited to those with poor PBX administration. Organised criminal fraternities are operating on a massive scale to defraud companies and individuals by compromising their telecommunications. resources and using them for financial gain.There is a reported link between some Communications fraud and global terrorism.

Page 14: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

The solution

Page 15: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

The solution

As with the traditional layout of the IT network, we strongly recommend the use of border security devices such as voice

firewall and Intrusion Prevention Systems.

Page 16: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

The SecureLogix ETM system

LAN

Modem

PSTN Trunks

Firewall

Phones

InternetProvider

InternetConnection

Phones

PBXServiceProvider

Switch

ETM® ETM® SystemSystem

Voice Firewall:

Blocks phone line attacks. Controls voice network access and service use.

Voice IPS:

Prevents malicious and abusive call patterns such as toll fraud.

Performance Manager:Enterprise-wide dashboard. Real-time

performance monitoring & diagnostics.

Usage Manager:

Enterprise-wide, PBX-independent CDR, call accounting, & resource utilization.

Call Recorder:Policy-based recording of targeted calls. Trunk-side, cost effective solution.

The ETMThe ETM®® System System

Page 17: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

The SecureLogix ETM system

TeleView® Client

Central Office

ETM® Appliances

ETM® Management

Report Database Server

IP Network

Trunks Modem

Phone

Fax

PC

PBX

Public / PrivateInternet

TeleView®

Remote Clients

PRI T1 Analogue E1 VoIP

3DES encryption

3DES encryption

Page 18: Generic Voice Security Issues

Voice Security

A Presentation for Linkedin Monday, April 10, 2023

Contacts

Please contact Jason Dewar of Context Information Security:

e: [email protected]: www.contextis.co.uk: +44 (0)20 7537 7515: Context Information Security

30 Marsh WallLondonUnited KingdomE14 9TP