Collaboration Security, Mark Collier, robocalls, SecureLogix, TDoS, Telephony Denial of Service
Harassing calls, UC Security, Unified Communications Security, Voice Over IP Security, Voice Security, VoIP Security
SecureLogix just released our 2013 Voice and Unified Communications State of Security Report. Rod Wallace and myself authored the report. The report covers the most significant voice and UC threats. the report describes the threats and why they have recently and continue to become more severe. The report is also unique in that it presents real-world data collected from several hundreds assessments and managed service engagements, using our technology, on enterprise voice and UC networks. We present trending data and santized attack examples for each threat.
Here is a link to the report. Please give it a read and let me know what you think:
The Comunications Fraud Control Association (CFCA) publised a link to a bulletin from the Department of Homeland Security (DHS) NCCIC. The bulletin describes threats and TDoS attacks against 911 emergency services. Apparently the attacker targets an administrative Public Safety Answering Point (PSAP) demanding payment. If the payment is not made, the attacker floods the target PSAP (911) with TDoS calls. The bulletin describes many calls, for an extended period of time, that affect both incoming and outgoing calls. The 911 service is likely targeted due to the high criticality of the service.
This threat and attack can be easily extended to contact centers, other government services, or any critical voice service for an enterprise.
Brian Krebs, a well know security expert, experienced a SWATing attack. For anyone not familiar with this term, the idea is simply that you call 911 and state that there is an emergency that requires a SWAT team to intervene. By calling 911 and spoofing your calling number, you can trick the SWAT team into showing up at your victims location/residence. It is trivial to spoof your calling number. It is also very easy to use free text to speech services to create an audio file that states the emergency, but avoids the attacker having to use their own voice.
This is an extremely dangerous attack. I fear this attack will become more common and it is a matter of time before an attack takes place and someone gets seriously injured.
Here is yet another article about toll fraud. This one makes a particularly scary point - that being that toll fraud can seriously affect, even put SME's out of business is a very short amount of time. Toll fraud can affect any enterprise, but smaller enterprises are often the target - they have enough trunk capacity to generate a lot of calls, often do not secure their systems and leave them in a default configuration, and can be limited in their ability to monitor traffic.