generic voice security issues

Download Generic Voice Security Issues

Post on 27-Jan-2015




0 download

Embed Size (px)




  • 1. A General presentation By Jason Dewar Context Information Security Limited /Commercial in confidenceVoice edge securityThursday, November 12, 2009

2. Presented by: Jason Dewar Enterprise Telephony Management A Presentation for Linkedin19th June 2008 3. Agenda

  • Introduction to Context Information security
  • Voice security issues
  • Voice security solution
  • Contacts

4. Context Information Security

  • Founded 1998 as a one-stop-shop information security consultancy.
  • Serves mainly financial services sector and MoD
    • Major voice security projects delivered for US Army Europe (USAREUR), US Air-Force Europe (USAFE), UK Govt departments, Bloomberg, Symantec, Asda etc..
  • Penetration testing activities highlight the need for a solution to mitigate security issues associated with unauthorised and insecure voice services
    • Unguarded IP access to the corporate network via modem usage is regularly raised as a criticalsecurity issue.
  • Initiated contact with members of theWheel Group , creators ofNetRangerIDS product, who had formedSecureLogix , to investigate how to resolve voice security issues
  • CIS has had direct input into development of the Enterprise Telephony Management system

5. Voice Network threats

  • Cross network attacks LAN penetration through Voice lines.
    • Authorised and unauthorised Modem backdoors into LAN.
  • Attacks on voice system Service theft / Toll fraud.
    • PBX, DISA, Voice mail
    • Estimated $30 - $40 Billion annually in US (Source CFCA).
  • Unauthorised ISP Connectivity Insider theft.
    • Transfer of confidential information.
    • Upload / Download of restricted content.
    • Viruses.
    • Hacks.
  • Line Misuse & Abuse.
    • Unauthorised calls and conversations.
    • Voice service Misuse & Abuse (E.G. International & premium rate calling).

6. Traditional IT Security Firewall IDS Router Good NewsInternet devices work reasonably well Bad newsModem usage can bypass these devices Typical IT Network Blocked! Alert! 7. Authorised Modem attacks Modem Intruder LAN Servers Central Office Internet Voicemail PBX PSTN Alarm Systems Sprinkler Systems HVAC Systems Elevator Systems Refinery Controls Power Grid 8. Threats to Voice & Data Un-authorised Modem attacks LAN Servers Modems Central Office Internet PSTN Blocked at the perimeter Worms Trojans Viruses Internet traffic blocked at the LAN perimeter can be re-routed using Modems 9. Threats to Voice & Data War Dialling War Dialing used to be the only way to find modems In reality, war dialing discovers less than 25% of the problem User leaves connection to ISP dialed in so when you war dial you get a busy signal Discover the maintenance modems you already know exist The user who was connected to his ISP all day has taken his laptop home so when you war dial all you find is the fax machine which is entirely legitimate War dial server PSTN ISP 10. Threats to Voice & Data PBX Attack Voicemail PBX FAX Servers Modems LAN Central Office Internet PSTN Intruder Remote access to PBX can allow service disruption or Theft. 11. Threats to Voice & DataResource Hijacking LAN Voicemail PBX FAX Servers Modems Central Office Internet PSTN Intruder Unauthorised services 12. Communications Fraud

  • Communications Fraud is the use of Telecommunications products or services with no intention of payment
  • Toll fraud costs an estimated $72 - $80 Billion globally (Source Communications Fraud Control Association (CFCA))
    • These losses represent 4.5% of global telecom revenues
    • Fraud (value) has increased by 34% since 2005
  • Top 5 locations for communications fraud:
    • Cuba
    • Philippines
    • Lichtenstein
    • India
    • U.K
    • Cont..

13. Communications Fraud

  • Top 3 communications fraud losses:
    • 29% (approx. $22Billion USD) Subscription / Identity theft
    • 20% (approx. $15 Billion USD) Compromised PBX / Voicemail systems
    • 6% (approx. $4.5 Billion USD) Premium rate service fraud
  • It is important to recognise that communications fraud is not limited to those with poor PBX administration.
  • Organised criminal fraternities are operating on a massive scale to defraud companies and individuals by compromising their telecommunications. resources and using them for financial gain.
  • There is a reported link between some Communications fraud and global terrorism.

14. The solution 15. The solution

  • As with the traditional layout of the IT network, we strongly recommend the use of border security devices such as voice firewall and Intrusion Prevention Systems.

16. The SecureLogix ETM system The ETM System LAN Modem PSTN Trunks Firewall Phones Internet Provider Internet Connection Phones PBX Service Provider Switch ETM System Voice Firewall: Blocks phone line attacks. Controls voice network access and service use.Voice IPS: Prevents malicious and abusive call patterns such as toll fraud.Performance Manager: Enterprise-wide dashboard. Real-time performance monitoring & diagnostics.Usage Manager: Enterprise-wide, PBX-independent CDR, call accounting, & resource utilization.Call Recorder: Policy-based recording of targeted calls. Trunk-side, cost effective solution. 17. The SecureLogix ETM system TeleView Client Central Office ETM Appliances ETM Management Report Database Server IP Network Trunks TeleView Remote Clients

  • PRI
  • T1
  • Analogue
  • E1
  • VoIP
  • 3DES encryption
  • 3DES encryption

18. Contacts

  • Please contact Jason Dewar of Context Information Security:
  • e:[email_address]
  • : +44 (0)20 7537 7515
  • : Context Information Security
  • 30 Marsh Wall
  • London
  • United Kingdom
  • E14 9TP


View more >