A General presentation By Jason Dewar © Context Information Security Limited /  Commercial in confidence    Voice edge sec...
Presented by: Jason Dewar Enterprise Telephony Management A Presentation for Linkedin    19th June 2008
Agenda <ul><li>Introduction to Context Information security </li></ul><ul><li>Voice security issues </li></ul><ul><li>Voic...
Context Information Security <ul><li>Founded 1998 as a one-stop-shop information security consultancy. </li></ul><ul><li>S...
Voice Network threats <ul><li>Cross network attacks – LAN penetration through Voice lines. </li></ul><ul><ul><li>Authorise...
Traditional IT Security Firewall IDS Router Good News  –  Internet devices work reasonably well Bad news  –  Modem usage c...
Authorised Modem attacks Modem Intruder LAN Servers Central Office Internet Voicemail PBX PSTN Alarm Systems Sprinkler Sys...
Threats to Voice & Data Un-authorised Modem attacks LAN Servers Modems Central Office Internet PSTN Blocked at the perimet...
Threats to Voice & Data War Dialling War Dialing used to be the only way to find modems In reality, war dialing discovers ...
Threats to Voice & Data PBX Attack Voicemail PBX FAX Servers Modems LAN Central Office Internet PSTN Intruder Remote acces...
Threats to Voice & Data  Resource Hijacking LAN Voicemail PBX FAX Servers Modems Central Office Internet PSTN Intruder Una...
Communications Fraud <ul><li>“ Communications Fraud is the use of Telecommunications products or services with no intentio...
Communications Fraud <ul><li>Top 3 communications fraud losses: </li></ul><ul><ul><li>29% (approx. $22Billion USD) – Subsc...
The solution
The solution <ul><li>As with the traditional layout of the IT network, we strongly recommend the use of border security de...
The SecureLogix ETM system The ETM ®  System LAN Modem PSTN Trunks Firewall Phones Internet Provider Internet Connection P...
The SecureLogix ETM system TeleView ®  Client Central Office   ETM ®  Appliances ETM ®   Management Report Database Server...
Contacts <ul><li>Please contact Jason Dewar of Context Information Security: </li></ul><ul><li>e:  [email_address] </li></...
Upcoming SlideShare
Loading in …5
×

Generic Voice Security Issues

801 views
677 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
801
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Generic Voice Security Issues

  1. 1. A General presentation By Jason Dewar © Context Information Security Limited / Commercial in confidence Voice edge security Thursday, November 12, 2009
  2. 2. Presented by: Jason Dewar Enterprise Telephony Management A Presentation for Linkedin 19th June 2008
  3. 3. Agenda <ul><li>Introduction to Context Information security </li></ul><ul><li>Voice security issues </li></ul><ul><li>Voice security solution </li></ul><ul><li>Contacts </li></ul>
  4. 4. Context Information Security <ul><li>Founded 1998 as a one-stop-shop information security consultancy. </li></ul><ul><li>Serves mainly financial services sector and MoD </li></ul><ul><ul><li>Major voice security projects delivered for US Army Europe (USAREUR), US Air-Force Europe (USAFE), UK Govt departments, Bloomberg, Symantec, Asda etc.. </li></ul></ul><ul><li>Penetration testing activities highlight the need for a solution to mitigate security issues associated with unauthorised and insecure voice services </li></ul><ul><ul><li>Unguarded IP access to the corporate network via modem usage is regularly raised as a critical security issue. </li></ul></ul><ul><li>Initiated contact with members of the Wheel Group , creators of NetRanger IDS product, who had formed SecureLogix , to investigate how to resolve voice security issues </li></ul><ul><li>CIS has had direct input into development of the Enterprise Telephony Management system </li></ul>
  5. 5. Voice Network threats <ul><li>Cross network attacks – LAN penetration through Voice lines. </li></ul><ul><ul><li>Authorised and unauthorised Modem backdoors into LAN. </li></ul></ul><ul><li>Attacks on voice system – Service theft / Toll fraud. </li></ul><ul><ul><li>PBX, DISA, Voice mail… </li></ul></ul><ul><ul><li>Estimated $30 - $40 Billion annually in US (Source CFCA). </li></ul></ul><ul><li>Unauthorised ISP Connectivity – Insider theft. </li></ul><ul><ul><li>Transfer of confidential information. </li></ul></ul><ul><ul><li>Upload / Download of restricted content. </li></ul></ul><ul><ul><li>Viruses. </li></ul></ul><ul><ul><li>Hacks. </li></ul></ul><ul><li>Line Misuse & Abuse. </li></ul><ul><ul><li>Unauthorised calls and conversations. </li></ul></ul><ul><ul><li>Voice service Misuse & Abuse (E.G. International & premium rate calling). </li></ul></ul>
  6. 6. Traditional IT Security Firewall IDS Router Good News – Internet devices work reasonably well Bad news – Modem usage can bypass these devices Typical IT Network Blocked! Alert!
  7. 7. Authorised Modem attacks Modem Intruder LAN Servers Central Office Internet Voicemail PBX PSTN Alarm Systems Sprinkler Systems HVAC Systems Elevator Systems Refinery Controls Power Grid
  8. 8. Threats to Voice & Data Un-authorised Modem attacks LAN Servers Modems Central Office Internet PSTN Blocked at the perimeter Worms Trojans Viruses Internet traffic blocked at the LAN perimeter can be re-routed using Modems
  9. 9. Threats to Voice & Data War Dialling War Dialing used to be the only way to find modems In reality, war dialing discovers less than 25% of the problem User leaves connection to ISP dialed in so when you war dial you get a busy signal Discover the maintenance modems you already know exist The user who was connected to his ISP all day has taken his laptop home so when you war dial all you find is the fax machine – which is entirely legitimate War dial server PSTN ISP
  10. 10. Threats to Voice & Data PBX Attack Voicemail PBX FAX Servers Modems LAN Central Office Internet PSTN Intruder Remote access to PBX can allow service disruption or Theft.
  11. 11. Threats to Voice & Data Resource Hijacking LAN Voicemail PBX FAX Servers Modems Central Office Internet PSTN Intruder Unauthorised services
  12. 12. Communications Fraud <ul><li>“ Communications Fraud is the use of Telecommunications products or services with no intention of payment” </li></ul><ul><li>Toll fraud costs an estimated $72 - $80 Billion globally (Source Communications Fraud Control Association (CFCA)) </li></ul><ul><ul><li>These losses represent 4.5% of global telecom revenues </li></ul></ul><ul><ul><li>Fraud (value) has increased by 34% since 2005 </li></ul></ul><ul><li>Top 5 locations for communications fraud: </li></ul><ul><ul><li>Cuba </li></ul></ul><ul><ul><li>Philippines </li></ul></ul><ul><ul><li>Lichtenstein </li></ul></ul><ul><ul><li>India </li></ul></ul><ul><ul><li>U.K </li></ul></ul><ul><ul><li>Cont….. </li></ul></ul>
  13. 13. Communications Fraud <ul><li>Top 3 communications fraud losses: </li></ul><ul><ul><li>29% (approx. $22Billion USD) – Subscription / Identity theft </li></ul></ul><ul><ul><li>20% (approx. $15 Billion USD) – Compromised PBX / Voicemail systems </li></ul></ul><ul><ul><li>6% (approx. $4.5 Billion USD) – Premium rate service fraud </li></ul></ul><ul><li>It is important to recognise that communications fraud is not limited to those with poor PBX administration. </li></ul><ul><li>Organised criminal fraternities are operating on a massive scale to defraud companies and individuals by compromising their telecommunications. resources and using them for financial gain. </li></ul><ul><li>There is a reported link between some Communications fraud and global terrorism. </li></ul>
  14. 14. The solution
  15. 15. The solution <ul><li>As with the traditional layout of the IT network, we strongly recommend the use of border security devices such as voice firewall and Intrusion Prevention Systems. </li></ul>
  16. 16. The SecureLogix ETM system The ETM ® System LAN Modem PSTN Trunks Firewall Phones Internet Provider Internet Connection Phones PBX Service Provider Switch ETM® System Voice Firewall: Blocks phone line attacks. Controls voice network access and service use. Voice IPS: Prevents malicious and abusive call patterns such as toll fraud. Performance Manager: Enterprise-wide dashboard. Real-time performance monitoring & diagnostics. Usage Manager: Enterprise-wide, PBX-independent CDR, call accounting, & resource utilization. Call Recorder: Policy-based recording of targeted calls. Trunk-side, cost effective solution.
  17. 17. The SecureLogix ETM system TeleView ® Client Central Office ETM ® Appliances ETM ® Management Report Database Server IP Network Trunks TeleView ® Remote Clients <ul><li>PRI </li></ul><ul><li>T1 </li></ul><ul><li>Analogue </li></ul><ul><li>E1 </li></ul><ul><li>VoIP </li></ul><ul><li>3DES encryption </li></ul><ul><li>3DES encryption </li></ul>
  18. 18. Contacts <ul><li>Please contact Jason Dewar of Context Information Security: </li></ul><ul><li>e: [email_address] </li></ul><ul><li>www: www.contextis.co.uk </li></ul><ul><li> : +44 (0)20 7537 7515 </li></ul><ul><li> : Context Information Security </li></ul><ul><li>30 Marsh Wall </li></ul><ul><li>London </li></ul><ul><li>United Kingdom </li></ul><ul><li>E14 9TP </li></ul>

×