Broadband VoIP: Securing a Promising New Revenue Stream


White Paper: Technology Infrastructure & Integration

IN THIS WHITE PAPER:
Introduction: VoIP Emerges Amidst Opportunities, Threats 1
A High Bar to Clear 2
• VoIP Vulnerabilities 3
A Comprehensive Security Approach 5
• Preparing for VoIP Primetime 6
Voice over Internet Protocol (VoIP) telephone service is poised to explode in popularity, provided a range of security issues are effectively addressed. BearingPoint’s professionals have identified key steps service providers can take to capitalize on the revenue potential of this emerging technology.

INTRODUCTION: VoIP EMERGES AMIDST OPPORTUNITIES, THREATS

Voice over Internet Protocol (VoIP) telephony has quickly matured from its early adopter phase into a viable, proven replacement for home and business telephone service. VoIP is more than just a service replacement, though. It opens the door to a host of eagerly anticipated telephone features, such as the ability to check voicemail anywhere, anytime, including via the Web, and the power to forward a phone call wherever and whenever you want.

VoIP today represents an immense growth opportunity for service providers. Gartner Dataquest projects a steady increase in consumer VoIP lines in the United States in the next three years (see Figure 1).

Not surprisingly, broadband operators have readily embraced VoIP as a way to increase revenue. But as they rush to capture this new business, hackers are rushing too—to explore and exploit ways to steal or disrupt the services created by the budding technology.

FIGURE 1. Consumer VoIP Connections by Provider Type (millions of VoIP connections, 2003–2008, broken out by Other, CLECs, Cable Companies and ILECs). Source: Gartner Dataquest (June 2004)

BearingPoint Institute for Executive Insight ~1~
Service providers must focus more effort and resources on VoIP security if they are to provide the level of reliability and trust that subscribers associate with traditional telephone service. Despite projected growth, many see the security challenges VoIP faces as keeping subscriber volume well below potential capacity.

Potential consumer users of VoIP certainly sense a problem. A Harris Interactive® online survey found that among U.S. adults aware of but not using VoIP, 60 percent believe it could be subject to security and privacy issues.1

Service providers face their own risks, too. For example, enterprising hackers “uncapped,” or removed, the software blocks limiting bandwidth to a couple of dozen subscribers of a Midwestern cable system. The result was an estimated revenue loss of $11,000 per subscriber.

Gartner, Inc. corroborates the emerging concerns around VoIP, predicting that “by 2006, signaling networks will become a key communications target for organized and unorganized attackers (0.8 probability).”2

Any broadband provider pursuing the VoIP market must quickly recognize and address a growing array of security issues. A window of opportunity exists to revisit deployed networks and systems before it’s too late, as well as define policies and strategies for new systems prior to deployment. BearingPoint’s experienced professionals believe a comprehensive, “defense in depth” approach to VoIP security can help operators meet the considerable threats circling this promising technology.

A HIGH BAR TO CLEAR

The reliability of the public switched telephone network has led both business and consumer users to have high expectations of VoIP, including:

• Anytime availability of emergency services such as 911.
• Similar uptime (99.995 percent) to the traditional phone network.
• Guaranteed quality of service (QoS).
• A guarantee that any communication between the end parties in a call cannot be intercepted or modified by a malicious third party.
• Not allowing any unauthorized party to make or disrupt phone calls.

To sustain projected growth in VoIP use, service providers will be expected to live up to the service standards set by legacy telephone service. That’s no easy assignment. VoIP is at its heart an information technology application. As such, it is just as susceptible to hacker assaults as e-mail and Web sites. The threat can take the form of a denial of service (DoS) attack, theft of service or degradation of service (see sidebar “The Many Flavors of VoIP Security Threats”).

1 The 2005 Telecommunications Report, a quarterly online study, Harris Interactive, January 2005.
2 Voice Over IP Signaling Security Is Crucial, David L. Fraley, Gartner, Inc., December 16, 2004.
VoIP service providers must move quickly and effectively to thwart these threats. Otherwise, new revenue opportunities will be lost, or at least postponed until users are convinced that VoIP is safe, secure and reliable.

The hacker community also is serving up some special trouble for VoIP operators. Spam over Internet Protocol, known by the appropriately unseemly acronym SPIT, and caller ID “spoofing” represent prime new threats.

In spoofing, someone hijacks the identity and phone number of a trusted party, such as a bank. The identity appears on the caller ID box of an unsuspecting victim, with the caller hoping to co-opt valuable information, such as account numbers, or otherwise engage in malicious mischief. Spoofing is a particularly vicious ploy as it exploits the socially accepted form of authentication provided by caller ID to steal and disrupt.

VoIP VULNERABILITIES

VoIP is susceptible to threats at various IT architectural levels, as well as to the organizational fallout from compromised systems:

Attacks against the underlying VoIP device’s operating system: VoIP devices inherit the same vulnerabilities of the operating system or firmware on top of which they run.

Configuration weaknesses in VoIP devices: Many VoIP devices, in their default configuration, have a variety of exposed TCP (transmission control protocol) and UDP (user datagram protocol) ports. The default services running on the open ports may be vulnerable to DoS attacks, buffer overflows or authentication bypass, which may result in compromising the VoIP device.

IP infrastructure attacks: The availability of VoIP services directly depends on the availability of the IP infrastructure they ride upon. Vulnerabilities on non-VoIP systems can threaten the security posture of VoIP devices.

VoIP application-level attacks: At the application level, a variety of VoIP-specific attacks can be performed to disrupt or manipulate service.

Privacy violations: Compromised systems can reveal confidential information or be used to break into other systems.

The consequences of this can include:

• DoS attacks on signaling or media traffic.
• Eavesdropping on conversations or signaling traffic.
• Interference with service functionality and advanced features.
• Connection requests from nonsubscribers.
• Cloning of customer premise equipment.
• SPIT or spam.
THE MANY FLAVORS OF VoIP SECURITY THREATS

The scenarios below, which are not exhaustive, show the breadth and damage potential of VoIP security threats:

Theft of Service

• Cloning or copying of a broadband modem or MTA/IAD (multimedia terminal adapter/integrated access device) MAC (medium access control) address onto a “hacked modem” or MTA/IAD. This can confuse voice gateways and network equipment in granting service to the “cloned” MTA/IAD.
• Modification to DNS (domain name system) and DDNS (dynamic DNS) servers. Because VoIP equipment is heavily dependent on DNS/DDNS, gaining access to the DNS server and changing the IP address of an entry could redirect traffic and access to an unauthorized user.
• Gaining access to provisioning server and enterprise messaging server systems. This could allow an attacker to provision or re-provision an entry to talk to a different device.
• Gaining access to SIP (Session Initiation Protocol) authentication information. This could potentially allow any user with a SIP endpoint to register to a SIP proxy and obtain service.
• Hacked and modified firmware on a broadband endpoint such as a cable modem, which has embedded MTAs, can theoretically cause the device to change DHCP (dynamic host configuration protocol) parameters and ask for a VoIP configuration file it shouldn’t get. That configuration file could then grant access to VoIP services.
• If eavesdropping is considered theft of service, not having encryption on a broadband network could allow sniffers to capture audio RTP (real-time transport protocol) traffic and play it back to acquire valuable information.

Degradation of Service

• VoIP, network and broadband equipment can be highly susceptible to service degradation from high CPU (central processing unit) demand. Most devices can’t schedule, prioritize or forward traffic reliably when under a high CPU load. Therefore, an attack that targets processes on network gear can possibly max out the CPU and force degradation.
• Network traffic flooding—Saturating network and broadband links could force VoIP traffic to be dropped or delayed if proper QoS and prioritizing are not enabled.
• Broadband endpoint traffic flooding—Typical VoIP endpoints listen on UDP ports. Flooding these ports could potentially disrupt voice service. Additionally, broadband access devices such as cable modems use DOCSIS (data over cable service interface specification) service flows, which have a maximum sustained throughput rate. Flooding traffic to the cable modem that matches the VoIP service flow classifiers can create a “clipping” experience, where “bad” traffic and “good” traffic are on the same “pipe,” and good traffic gets cut off.

Denial of Service

• Most call agents and VoIP end devices listen on well-known UDP ports (2427, 2727, 5060). Flooding these ports with either “real” or “bogus” traffic can potentially crash the voice processes, delay legitimate traffic and even take down a call agent or SIP proxy.
• Modification of DNS/DDNS servers to change legitimate DNS entries to fake or bogus ones can deny voice service to any or all customers.
• Network saturation can deny service if proper QoS is not enabled.
• Stealing the IP address of a valid VoIP endpoint can potentially deny service to that device.
• SNMP (simple network management protocol) access to a device—a call agent, gateway or endpoint—can potentially disable, change or disrupt voice services.
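Two of the sidebar scenarios lend themselves to simple detection on the provider side: floods against the well-known signaling ports (UDP 2427, 2727, 5060) and a SIP account registering from more than one source, which is what stolen SIP credentials or cloned customer equipment look like in the logs. The example below is added here and is not from the white paper; the flow records, registration lines and the packets-per-second threshold are constructed assumptions.

```python
"""Detection logic for two sidebar scenarios: floods against the well-known
VoIP signaling ports (UDP 2427, 2727, 5060) and SIP accounts registering from
more than one source, a sign of stolen SIP credentials or cloned CPE.
Added example, not from the white paper; all inputs are constructed."""
from collections import defaultdict

# Ports named in the sidebar: MGCP gateway (2427), MGCP call agent (2727), SIP (5060)
VOIP_SIGNALING_PORTS = {2427, 2727, 5060}

# Constructed flow records: (timestamp_s, src_ip, dst_ip, dst_port, packets)
SAMPLE_FLOWS = [
    (0, "192.0.2.10", "198.51.100.5", 5060, 4),      # normal SIP chatter
    (1, "192.0.2.11", "198.51.100.5", 5060, 3),
    (2, "203.0.113.7", "198.51.100.5", 5060, 900),   # one source hammers the SIP proxy
    (3, "203.0.113.7", "198.51.100.5", 5060, 950),
    (4, "203.0.113.7", "198.51.100.6", 2727, 1200),  # same source hits the call agent
    (5, "192.0.2.12", "198.51.100.5", 5060, 2),
    (6, "203.0.113.8", "198.51.100.5", 80, 5000),    # web traffic, not a VoIP port
]

# Constructed SIP registration log lines: "REGISTER user=<account> from=<ip>"
SAMPLE_REGISTRATIONS = [
    "REGISTER user=sub1001 from=192.0.2.10",
    "REGISTER user=sub1002 from=192.0.2.11",
    "REGISTER user=sub1001 from=192.0.2.10",
    "REGISTER user=sub1001 from=203.0.113.40",  # same account, unrelated source
]


def detect_signaling_floods(flows, window=10, pps_threshold=100):
    """Map (src, dst, port) -> peak packets/s for sources that exceed
    pps_threshold toward a VoIP signaling port within any `window`-second bucket.
    The threshold is an assumed tuning value, not a figure from the paper."""
    buckets = defaultdict(int)
    for ts, src, dst, port, pkts in flows:
        if port in VOIP_SIGNALING_PORTS:
            buckets[(src, dst, port, ts // window)] += pkts
    alerts = {}
    for (src, dst, port, _), pkts in buckets.items():
        pps = pkts / window
        if pps > pps_threshold:
            alerts[(src, dst, port)] = max(alerts.get((src, dst, port), 0), pps)
    return alerts


def find_shared_credentials(lines):
    """Accounts that registered from more than one source IP, with the IPs seen."""
    seen = defaultdict(set)
    for line in lines:
        fields = dict(f.split("=", 1) for f in line.split()[1:])
        seen[fields["user"]].add(fields["from"])
    return {user: sorted(ips) for user, ips in seen.items() if len(ips) > 1}
```

Both functions return plain dictionaries so the results can be fed to whatever alerting the operations center already uses; in practice the registration check should also tolerate legitimate address changes such as a subscriber's DHCP lease renewing.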
A COMPREHENSIVE SECURITY APPROACH

SPIT, spoofing and other emerging VoIP threats are in their infancy today. But, as the technology achieves widespread adoption, they have the potential to grow into giant problems.

Taking a proactive approach today can help stave off trouble. As technology solutions mature, operators can focus on implementing the right operational procedures, processes and technology controls. Creating a secure VoIP environment requires service providers to address three key areas of security concern:

Availability
• Preserve the availability of VoIP service
• Stop DoS attacks

Integrity
• Preserve the integrity of the VoIP environment
• Prevent theft and fraudulent use of VoIP service

Confidentiality
• Preserve the confidentiality of VoIP communications
• Keep information secure and private

Achieving these objectives requires a holistic security approach that goes beyond core technology components to address four key dimensions:

Regulatory: Complying with regulatory and legal requirements affecting security frameworks, including the Communications Assistance for Law Enforcement Act (CALEA), Enhanced 911 (E911) rules and the Sarbanes-Oxley Act.

Organization and people: Developing a security structure and establishing roles, responsibilities and developmental programs. Also addressed are inter- and intradepartmental relationships and vendor management, as well as the skills and security culture in the operations, administration and engineering areas.

Process: Establishing the policies, processes and practices used to protect and maintain technology and services, including assessment, prevention, detection, response and compliance.

Technology: Creating the security framework, tools, support systems and integration involved in all aspects of the security solution, including endpoints, access networks, the core IP network, VoIP infrastructure, common services and border/perimeter networks. Also addresses technologies being secured, including networks, servers, eMTAs (embedded multimedia terminal adapters), IADs (integrated access devices) and applications.
FIGURE 2. Defense in Depth Framework

PEOPLE
• Establish a security governance program and committee
• Ensure executive leadership support

PROCESS
• Take a proactive approach to prevention, detection and response
• Validate policies, procedures, standards and guidelines

TECHNOLOGY
• Deploy monitoring solutions through a 24x7 security operations center
• Deploy audit and compliance solutions

Based on BearingPoint’s work with leading multiple system operators (MSOs) and other VoIP early adopters, an assessment of all underlying VoIP infrastructure components is an important first step in addressing these key areas. This assessment would extend beyond network elements to address operational and business support systems—every VoIP component from order to cash.

This thorough assessment lays the groundwork for service providers to create a Defense in Depth Framework (see Figure 2). Use of a delivery methodology, such as BearingPoint’s ProvenCourse®, in creating such a framework can help shorten implementation time, lower associated costs and decrease deployment risk.

PREPARING FOR VoIP PRIMETIME

Just as it has transformed data communications, the Internet is destined to revolutionize telephone service—but only when businesses and consumers trust it as they do traditional telephone systems. By aggressively tackling the security issues discussed here, service providers can move quickly to achieve the healthy subscriber and revenue growth potential that VoIP telephony offers. And leave hackers gasping in their wake.

BUSINESS AND SYSTEMS ALIGNED. BUSINESS EMPOWERED.

BearingPoint is a leading global business advisor, systems integrator and managed services provider. Our experienced professionals help organizations around the world set direction to reach their goals and create enterprise value. By aligning their business processes and information systems, we empower our clients with the right business solutions to gain competitive leadership advantage—delivering measurable results in an accelerated time frame. To learn more, contact us at 1.866.BRNGPNT (+1.703.747.6748 from outside the United States and Canada) or visit our Web site at www.bearingpoint.com.
ABOUT THE AUTHORS

Fred Hoffmann is a managing director in BearingPoint’s Technology Infrastructure and Integration practice and leader of BearingPoint’s Service Provider VoIP solutions. Fred has led initiatives in the broadband VoIP domain since 1999, providing network engineering and provisioning leadership for a number of North America’s largest VoIP subscriber deployments.

Stephen Doty is a manager with BearingPoint’s Technology Infrastructure and Integration practice, a key member of BearingPoint’s Global Information Security team and the co-solution lead for BearingPoint’s VoIP Security service offerings.
The BearingPoint Institute is a professional knowledge center providing executives with decision-making information that is critical to global business and management issues. This knowledge will be driven by objective thinking, industry leaders and management consultancy expertise.

CONSULTING • SYSTEMS INTEGRATION • MANAGED SERVICES
bearingpointinstitute.com

© 2005 BearingPoint, Inc. All rights reserved. Printed in the United States. ProvenCourse is a service mark of BearingPoint, Inc. and its affiliates. All other trademarks are the property of their respective owners. C3161-BEI-0505-01-USRD541
