UC Cloud Computing Security

Using ESBCs as an IAAS Cloud Platform for the SMB Space.


  1. BDPA DALLAS
     • May 24th Program Meeting
     • UC Security - Cloud Computing
     • Dean Jones, Engagement Manager
     • Infrastructure As A Service (IAAS)
  2. Discussion Topics
     • Potential Security Breaches & Associated Cost
     • Cloud Computing and Topology
     • SIP – UC Cloud / IAAS Topology
     • Case Studies
  3. Potential Security Breaches
  4. The Cost of Unsecured Hosted and Private UC Environments. One Successful Toll Fraud Attack: $40,000
  5. A crisis of complexity. The need for progress is clear.
     [Chart: Global Annual Server Spending (IDC), in $B. Series: power and cooling costs; management and admin costs; new system spend. Annotations: uncontrolled management and energy costs; steady CAPEX spend.]
     To make progress, delivery organizations must address the server, storage and network operating cost problem, not just CAPEX.
     Source: IBM Corporate Strategy analysis of IDC data
  6. Reports: Security Pros Shift Attention From External Hacks To Internal Threats
     Majority of IT and security execs say insider vulnerabilities worry them most.
     Mar 09, 2009 | 08:08 AM, By Tim Wilson, DarkReading
     It's official: Today's security managers are more worried about insiders leaking sensitive corporate data than they are about outsiders breaking in to steal it.
     http://www.darkreading.com/insiderthreat/security/vulnerabilities/showArticle.jhtml?articleID=215801195
  7. Perimeter defense is essential – But it doesn't guard data against the human factor
     • Lost or stolen devices
       – Intellectual property exposed to competitors
       – Sensitive customer data compromised
       – Competitive information leaked to the media
     • Exposed business processes
       – Extracts pulled for processing and reporting
       – Circulating data across organizations
       – Workarounds during system outages
     • Malicious insiders
       – Malware deployed within the network
       – Intentional misuse of company information
       – Identity theft and industrial espionage
     • Careless use of the corporate network
       – Viruses unwittingly downloaded at home
       – Unsecured archives or copies of data
       – Uncontrolled circulation of classified documents or personal e-mail messages
  8. Increased collaboration brings increased complexity and increased risk.
     [Diagram labels: Foes, Gremlins, and Banana Peels; Coffee Shop; Hotels; Home; Business Partners; Supply Chain; Inadequate, disjointed technology management]
  9. Many companies expend resources on the network without achieving the expected results.
     • A piecemeal approach to network security and updates leads to an overly complex infrastructure
       – Time-consuming to pinpoint causes of performance problems, especially for newly added voice and video applications that impact traditional mission-critical applications
       – Difficult to determine the best way to optimize costs and performance
       – Hard to estimate future expenditures and justify current costs
       – Almost impossible to predict capacity requirements accurately
     • Through 2011, enterprises will waste $100 billion buying the wrong networking technologies and services [3]
       – Unnecessary technologies
       – Excess bandwidth
       – Unwarranted upgrades
     [3] Gartner, Gartner's Top Predictions for IT Organizations and Users, 2007 and Beyond, Daryl C. Plummer and others, December 2006.
  10. Ponemon Institute's Security Breach Studies
     • Ponemon Institute released two separate reports: "The First Annual Cost of Cyber Crime Study" (PDF), which was sponsored by ArcSight, and "The Leaking Vault" (PDF), released today by the Digital Forensics Association, both showing troubling findings for companies' finances:
     • A median cost of $3.8 million for an attack per year, including all costs, from detection, investigation, containment, and recovery to any post-response operations.
     • Out of 2,807 publicly disclosed data breaches worldwide during the past five years, the cost to the victim firms as well as those whose information was exposed reached $139 billion.
     • Nearly half of all of the reported breaches came from a laptop, which in 95 percent of the cases is stolen.
     • Hacks led to the most stolen records during 2005 to 2009, with 327 million of the 721.9 million covered in the report, although hacks represent only about 16 percent of the data breaches.
     • Web-borne attacks, malicious code, and malicious insiders are the most costly types of attacks, making up more than 90 percent of all cybercrime costs per organization per year.
     • A Web-based attack costs 143,209 USD; malicious code, 124,083 USD; and malicious insiders, 100,300 USD.
  11. Cloud Security Breach Examples
     • Google Doc allowed shared permission without user knowledge
       – http://www.google.com/support/forum/p/Google+Docs/thread?tid=2ef115be2ce4fd0e&hl=en
     • Salesforce.com phishing attack led to leak of a customer list; subsequent attacks
       – http://voices.washingtonpost.com/securityfix/2007/11/salesforcecom_acknowledges_dat.html
     • Vasrev.com Webhost hack wipes out data for 100,000 sites
       – http://www.theregister.co.uk/2009/06/08/webhost_attack/
     • Twitter company files leaked in Cloud Computing security failure
       – http://www.infosecurity-us.com/view/2554/twitter-company-files-leaked-in-cloud-computing-security-failure
     • DDoS attack that downed Twitter also hit Facebook
       – http://www.computerworld.com/s/article/9136340/DDoS_attack_that_downed_Twitter_also_hit_Facebook?source=CTWNLE_nlt_security_2009-08-07
  12. UC Cloud Computing and Topology
  13. Cloud: Consumption & Delivery Models Optimized by Workload
     • "Cloud" is: a new consumption and delivery model inspired by consumer Internet services.
     • Cloud enables:
       – Self-service
       – Sourcing options
       – Economies-of-scale
     • "Cloud" represents: the Industrialization of Delivery for IT supported Services
     • Multiple Types of Clouds will co-exist:
       – Private, Public and Hybrid
       – Workload and/or Programming Model Specific
     [Diagram labels: Cloud Services; Cloud Computing Model]
  14. Is cloud computing really new? Yes, and No.
     Cloud computing is a new consumption and delivery model inspired by consumer Internet services. Cloud computing exhibits the following 5 key characteristics:
     • On-demand self-service
     • Ubiquitous network access
     • Location independent resource pooling
     • Rapid elasticity
     • Pay per use
     While the technology is not new, the end user focus of self-service, self-management leveraging these technologies is new.
     [Diagram labels: Usage Tracking; Web 2.0; End User Focused; Service Virtualization; Automation & SOA]
  15. Today there are three primary delivery models that companies are implementing for cloud
     [Diagram labels: Enterprise; Traditional Enterprise IT; Private Cloud; Public Clouds; Hybrid Cloud]
     • Private Cloud: IT activities/functions are provided "as a service," over an intranet, within the enterprise and behind the firewall. Key features include:
       – Scalability
       – Automatic/rapid provisioning
       – Chargeback ability
       – Widespread virtualization
     • Hybrid Cloud: Internal and external service delivery methods are integrated, with activities/functions allocated based on security requirements, criticality, architecture and other established policies.
     • Public Cloud: IT activities/functions are provided "as a service," over the Internet. Key features:
       – Scalability
       – Automatic/rapid provisioning
       – Standardized offerings
       – Consumption-based pricing
       – Multi-tenancy
     Source: IBM Market Insights, Cloud Computing Research, July 2009.
  16. Security Implications of the Delivery Models
  17. Cost savings and faster time to value are the leading reasons why companies consider cloud
     To what degree would each of these factors induce you to acquire public cloud services?
     • Reduce costs: 77%
       – Pay only for what we use
       – Hardware savings
       – Software licenses savings
       – Lower labor and IT support costs
       – Lower outside maintenance costs
     • Faster time to value: 72%
       – Take advantage of latest functionality
       – Simplify updating/upgrading
       – Speed deployment
       – Scale IT resources to meet needs
     • Improve reliability: 50%
       – Improve system reliability
       – Improve system availability
     Respondents could rate multiple drivers items. Source: IBM Market Insights, Cloud Computing Research, July 2009. n=1,090
  18. Managing Cloud Adoption
     • Cloud economics can be compelling
       – Small companies will adopt as reliable, easy-to-use services are available
       – Scale economics are within reach of many enterprises
     • Client migration will be workload driven
       – Trade-off is value vs. risk of migration
       – Workload characteristics are critical
       – New workloads will emerge as cloud makes them affordable (e.g. pervasive analytics, Smart Healthcare)
  19. Elements that Drive Cloud Efficiency and Economics
     • Infrastructure Leverage
       – Virtualization of Hardware: drives lower capital requirements
       – Utilization of Infrastructure: virtualized environments only get benefits of scale if they are highly utilized
     • Labor Leverage
       – Self Service: clients who can "serve themselves" require less support and get services
       – Automation of Management: take repeatable tasks and automate
       – Standardization of Workloads: more complexity = less automation possible = people needed
  20. Enterprise Benefits from Cloud Computing
     Cloud accelerates business value across a wide variety of domains.

     | Capability | From (legacy environments) | To (cloud enabled enterprise) |
     |---|---|---|
     | Server/Storage Utilization | 10-20% | 70-90% |
     | Self service | None | Unlimited |
     | Test Provisioning | Weeks | Minutes |
     | Change Management | Months | Days/Hours |
     | Release Management | Weeks | Minutes |
     | Metering/Billing | Fixed cost model | Granular |
     | Standardization | Complex | Self-Service |
     | Payback period for new services | Years | Months |
  21. Clients told us their implementation strategies — public or private Cloud, present or future — for 25 specific workloads
     • Analytics
       – Data mining, text mining, or other analytics
       – Data warehouses or data marts
       – Transactional databases
     • Development and testing
       – Development environment
       – Test environment
     • Business Services
       – CRM or Sales Force Automation
       – e-mail
       – ERP applications
       – Industry-specific applications
     • Infrastructure
       – Application servers
       – Application streaming
       – Business continuity/disaster recovery
       – Data archiving
       – Data backup
       – Data center network capacity
       – Security
       – Servers
       – Storage
       – Training infrastructure
       – WAN capacity
     • Collaboration
       – Audio/video/web conferencing
       – Unified communications
       – VoIP infrastructure
     • Desktop and devices
       – Desktop
       – Service/help desk
     Source: IBM Market Insights, Cloud Computing Research, July 2009.
  22. Clients cite "push factors" for and "barriers" against cloud adoption for each workload type
     • Barriers (lower propensity for cloud)
       – Data privacy or regulatory and compliance issues
       – High level of internal control required
       – Accessibility and reliability are a concern
       – Cost is not a concern
     • Push factors (higher propensity for cloud)
       – Fluctuating demand
       – Highly standardized applications
       – Modular, independent applications
       – Unacceptably high costs
     Source: IBM Market Insights, Cloud Computing Research, July 2009. n=1,090
  23. IT needs to become smarter about…
     • … delivering "services" and service management
       – Standardized processes
       – Service management systems provide visibility, control and automation
       – Lower operational costs and higher productivity
     • … optimizing workloads
       – Rate and degree of standardization of IT and business services
       – Complex transaction and information management processes
       – Rapid return-on-investment and productivity gains
     • … deployment choices
       – New models are emerging for the enterprise
       – Self-service, economies-of-scale, and flexible sourcing options
       – New choices of deployment – define these new models
     [Diagram labels: Analytics; Collaboration; Development and Test; Desktop and Devices; Infrastructure; Business Services]
  24. Focus on Managing Services
     End to End Service Management: architectural and process level integration that delivers business aligned Visibility, Control and Automation of all Data Center Elements
     [Diagram labels: Modular, Self-contained, Scalable Workload Delivery Platform (twice); Legacy Environment: NON-IBM Solutions Requiring workload connectivity; Service Management for WORKLOAD A, WORKLOAD B, WORKLOAD C; Mobility Infrastructure + Facilities Infrastructure + Production Infrastructure + Technology Infrastructure + Communications Infrastructure]
  25. 3 options to deploy workloads – providing you the choice to meet your business needs!
     • Smart Business Services – cloud services delivered.
       1. Standardized services on the cloud – Public Cloud.
       2. Private cloud services, built and/or run by Private Cloud.
     • Smart Business Systems – purpose-built infrastructure.
       3. Integrated Service Delivery Platform
     [Diagram labels: Analytics; Collaboration; Development and Test; Desktop and Devices; Infrastructure; Business Services]
  26. SIP – UC Cloud / IAAS Topology
  27. What do we mean by Unified Communications and Collaboration?
     [Diagram labels: Web Conferencing; Messaging; Video Conferencing; Voice; Mobile; Instant Messaging; E-Mail; Calendaring; Call Management; Communities]
     Unified Communications + Collaboration = UC² with the added power of mobility
  28. Renovate & Innovate
     • How do we address the immediate pressure to cut costs, reduce risk and complexity?
     • How do we innovate to take advantage of new opportunities?
     How can we do both at the same time?
     • We focus on delivering services in new ways - lowering cost while increasing speed and flexibility!
  29. Benefits of Unified Communications
     • UC benefits come from extending the UC network
     • New modes of collaboration
       – Extended workforce
       – Suppliers
       – Partners
       – Clients
     • Corporate policies
       – Business continuity
       – Privacy compliance, auditing
       – Green initiatives
     • Cost reduction
       – Converged infrastructure
       – SIP trunks
     [Diagram labels: Extended Workforce; Suppliers, Partners; Remote Phones; SIP Trunks; Enterprise IP-PBX; UC Assets; Internal Phones; SIP Trunks; Employees, Departments; Clients]
  30. Challenges of Extending UC
     • IP PBX & phone protection
     • Policy and compliance enforcement
     • Device and user authentication
     • Signaling and media privacy
     • Deployment
       – Phone configuration and management
       – Corporate firewall configuration
       – Remote firewall traversal
     [Diagram labels: Extended Workforce; Suppliers, Partners; Internet Hacker; Infected PC; Remote Phones; SIP Trunks; Enterprise IP-PBX; UC Assets; Internal Phones; SIP Trunks; Employees, Departments; Clients; Rogue Employee; Spammer]
  31. Additional Security Concerns
     • The significant security concerns for this type of deployment are mainly SIP/SCCP/H.323 call control and application level attacks along with:
     • Attacks originating from a peering network
     • End user Spam attacks
     • Border control and traversal issues
     • Handling of domain policies
  32. High-level Cloud Security concerns
     • Less Control: Many companies and governments are uncomfortable with the idea of their information located on systems they do not control. Providers must offer a high degree of security transparency to help put customers at ease.
     • Data Security: Migrating workloads to a shared network and compute infrastructure increases the potential for unauthorized exposure. Authentication and access technologies become increasingly important.
     • Reliability: High availability will be a key concern. IT departments will worry about a loss of service should outages occur. Mission critical applications may not run in the cloud without strong availability guarantees.
     • Compliance: Complying with SOX, HIPAA, PCI DSS, FERPA and other regulations may prohibit the use of clouds for some applications. Comprehensive auditing capabilities are essential.
     • Security Management: Providers must supply easy, visual controls to manage firewall and security settings for applications and runtime environments in the cloud.
  33. Industry, Government, Risk & Corporate Compliance
     Numerous mandates for privacy apply to UC deployments as well as data protection
     • FDIC VoIP Guidelines
     • FERPA: Family Educational Rights and Privacy Act
     • GLBA: Gramm-Leach-Bliley Act – consumer data protection
     • FTC Safeguards for consumer protection, enforcing GLBA
     • HIPAA: The Health Insurance Portability and Accountability Act
     • PCI DSS: The Payment Card Industry Data Security Standard
  34. Inherent Technology Threats
  35. Cloud Security 101: Simple Example

     | TODAY | TOMORROW |
     |---|---|
     | We Have Control | Who Has Control? |
     | It's located at X. | Where is it located? |
     | It's stored in servers Y, Z. | Where is it stored? |
     | We have backups in place. | Who backs it up? |
     | Our admins control access. | Who has access? |
     | Our uptime is sufficient. | How resilient is it? |
     | The auditors are happy. | How do auditors observe? |
     | Our security team is engaged. | How does our security team engage? |

     Lesson Learned: We have responded to these questions before… clouds demand fast, responsive, agile answers.
  36. What is a SIP Trunk?
     • Definition: SIP Trunk is a service offered by an ITSP (Internet Telephony Service Provider) that connects a company's IP-PBX to the telephone system (PSTN) via Internet using the SIP VoIP standard. (Source: wikipedia.org)
     • Extending VoIP: With IP-PBX, enterprises have converged data and voice over LAN; SIP trunk allows enterprises to do the same over WAN/Internet.
     [Diagram labels: Enterprise; PSTN; MGW; PBX; IPCS; SIP Trunk; ITSP; ISP; LAN; Internet]
  37. SIP Trunk Requirements
     • Threat protection
       – What about toll fraud, Spam, DoS
       – Who has access to my PBX
       – Monitoring of security incidents
     • Policy enforcement
       – Need to change firewall policy?
       – Control services and features
     • Access control
       – Who, from where, when
     • Privacy
       – Who has access to my private communication
     • Deployment issues
       – Will it work
       – Change, upgrades
       – Voice Quality
       – Visibility
     • QoS/SLA
     [Diagram labels: Enterprise; PSTN; PBX; SIP Trunk; ITSP; IPCS; LAN; Internet]
  38. SIP Trunk Requirements Cont'd
  39. Key Benefits of UC Cloud Computing Security
  40. The UC Cloud Computing Security Competitive Advantage
     • Security Services
       – Asset Discovery
       – Security Posture Assessment
       – Business Risk Assessment
       – Security Recommendations
     • Security Research
       – Vulnerability Discovery
       – Threat Advisory
       – Exploit Tools (Sipera LAVA)
       – Security Signature Development
     • Threat Protection
       – Block reconnaissance
       – Block DoS floods
       – Block DDoS floods
       – Block stealth DoS
       – Block fuzzing/malformed messages
       – Block spoofing, masquerading, toll fraud
       – Rogue media blocking
       – Block and verify anomalous behavior
     • Privacy
       – Encryption (TLS to TCP) signaling proxy
       – Encryption (SRTP or ERTP to RTP) media proxy
       – Topology hiding (network privacy)
       – User and caller ID privacy (user privacy)
     • Policy Enforcement
       – Domain and user level blacklist
       – Network, user, device, ToD-based policy control
       – Application control
       – Signaling control
       – Media control
       – Security rules and profiles
       – Soft key control
       – Device security profiles
       – Web application control
     • Access Control
       – SSL/TLS X.509 certificate-based mutual authentication
       – Clientless two-factor (RSA SecurID) authentication
       – Local firewall/NAT traversal
       – Secure channel NAT traversal
       – SIP digest authentication
       – RADIUS AAA integration
       – Call admission control
  41. Case Studies
  42. The Cost Benefits of a SIP Deployment
  43. Return on Security Investment
     • Return on Security Investment factors
       – Single Loss Expectancy (SLE)
         • Dollar amount assigned to event
       – Annualized Rate of Occurrence (ARO)
         • Estimated frequency of event
       – Annualized Loss Expectancy (ALE)
         • SLE x ARO = ALE
  44. Theft of Service Assumptions
     • Large Enterprise with 500 SIP trunks
       – 50% average utilization
     • Without SIP trunk security
       – Billing rate 2¢ / min
       – Event forces theft of 20% of average utilized trunks
       – SLE = 20% x 250 x 2¢ = $1/min
       – ARO = 365 days x 24 hours x 60 min = events/year
       – ALE = 365 x 24 hours x 60 min x $1 = $525,600
     • With UC Security-protected SIP Trunk
       – VOIP Vulnerability Assessment
       – Best practices
       – Comprehensive UC security
  45. Theft of Service Business Case

     Unprotected SIP Trunk

     | Item | Qty | Unit Cost | Total Cost |
     |---|---|---|---|
     | Capital Cost (list price) | | | |
     | Total Capital Cost | | | $0 |
     | Monthly Service Theft Cost | | | |
     | Theft | 30*24*60 = 43,200 | $1 | $43,200 |
     | Total Monthly Theft Cost | | | $43,200 |

     Protected SIP Trunk

     | Item | Qty | Unit Cost | Total Cost |
     |---|---|---|---|
     | Capital Cost (list price) | | | |
     | VOIP Sec Asses | 2 weeks | $10,000 | $20,000 |
     | UC-Sec 2000 HA | 1 pair | $65,950 | $65,950 |
     | UC-SEC EMS | 1 | $7,495 | $7,495 |
     | Installation | 1 | $3,000 | $3,000 |
     | Total Capital Cost | | | $96,445 |
     | Monthly Maintenance Cost | | | |
     | UC-Sec Maint. | 1 yr / 12 | $13,190 | $1,099 |
     | EMS Maint. | 1 yr / 12 | $1,499 | $125 |
     | Total Monthly Maintenance Cost | | | $1,224 |

     Pay Back Period: 3 months and IRR > 75%
     With No VoIP/UC Security In place, Annualized Loss Expectancy = $525,600
  46. Loss of Service Assumptions
     • Large enterprise
       – 25,000 users
       – 20% using softphones
     • Assets
       – 5 Avaya SES SIP servers
       – 25,000 IP Phones
       – 5,000 Softphones
       – Softphone laptops carry company confidential data
  47. Threat Level Assumptions
     • Threat level or probability of exploit
       – 37 Vulnerabilities discovered
       – 7 high threats with exploit probability >70% per month
       – 5 medium threats with exploit probability >50% per month
       – 26 low threats with exploit probability <50% per month
     • SIP Servers
       – Integrity
         • 1 medium: Spoof Call Server
       – Availability
         • 2 high: Denial of Service
         • 1 medium: Service degradation
     • IP Phones, Softphones
       – Confidentiality
         • 1 medium: Unencrypted snoop
       – Integrity
         • 2 medium: Spoofing / hijacking
       – Availability
         • 2 high: Denial of Service, fuzzing
         • 1 medium: QoS degradation
     • Softphones only
       – Confidentiality and availability
         • 2 high: Fuzzing with execute shell code
       – Integrity (no high/medium)
  48. Loss of Service ALE Calculation

     | Number | Vulnerability Type | Probability of Exploit | Assets Affected | $ Loss on single occurrence | Annualized rate of occurrence | Annualized Loss Expectancy |
     |---|---|---|---|---|---|---|
     | 1 | DoS | High | Server | 15 mins, $50,000 | 7 | 350,000 |
     | 2 | DoS | High | Server | 15 mins, $50,000 | 7 | 350,000 |
     | 3 | Degradation | Medium | Server | 15 mins, $25,000 | 5 | 125,000 |
     | 4 | Spoofing | Medium | Server | 15 mins, $35,000 | 5 | 175,000 |
     | 5 | DoS | High | IP Phone, Softphone | 1 hr, $50 | 35 | 1,750 |
     | 6 | DoS | High | IP Phone, Softphone | 1 hr, $50 | 35 | 1,750 |
     | 7 | Degradation | Medium | IP Phone, Softphone | 1 hr, $25 | 25 | 625 |
     | 8 | Spoofing | Medium | IP Phone, Softphone | 1 hr, $500 | 25 | 6,250 |
     | 9 | Hijack | Medium | IP Phone, Softphone | 1 hr, $500 | 25 | 6,250 |
     | 10 | Sniffing | Medium | IP Phone, Softphone | 1 hr, $500 | 25 | 6,250 |
     | 11 | Buffer overflow, Shell-code | High | Softphone | Company, $3000 | 35 | 105,000 |
     | 12 | Buffer overflow, Shell-code | High | Softphone | Company, $3000 | 35 | 105,000 |
     | Total: 12 | | 7 High, 5 medium | | | | ~ $1.2 million |
  49. Loss of Service Business Case

     Unprotected IP-PBX

     | Item | Qty | Unit Cost | Total Cost |
     |---|---|---|---|
     | Capital Cost (list price) | | | |
     | Total Capital Cost | | | $0 |
     | Monthly Service Loss Cost | | | |
     | Loss | 1 | $100,000 | $100,000 |
     | Total Monthly Loss Cost | | | $100,000 |

     Sipera-protected IP-PBX

     | Item | Qty | Unit Cost | Total Cost |
     |---|---|---|---|
     | Capital Cost (list price) | | | |
     | VIPER Asses | 2 weeks | $10,000 | $20,000 |
     | UC-Sec 50k HA | 1 pair | $229,850 | $229,850 |
     | UC-SEC EMS | 1 | $7,495 | $7,495 |
     | Installation | 1 | $3,000 | $3,000 |
     | Total Capital Cost | | | $260,345 |
     | Monthly Maintenance Cost | | | |
     | UC-Sec Maint. | 1 yr / 12 | $30,000 | $2,500 |
     | EMS Maint. | 1 yr / 12 | $1,499 | $125 |
     | Total Monthly Maintenance Cost | | | $2,625 |

     Pay Back Period: 3 months and IRR > 60%
     With No VoIP/UC Security In place, Annualized Loss Expectancy = $1,200,000
  50. Other Downtime Effects
     • Impact on stock price
     • Cost of fixing / replacing equipment
     • Cost of fixing / replacing software
     • Salaries paid to staff unable to undertake productive work
     • Salaries paid to staff to recover work backlog and maintain deadlines
     • Cost of re-creation and recovery of lost data
     • Loss of customers (lifetime value of each) and market share
     • Loss of product
     • Product recall costs
     • Loss of cash flow from debtors
     • Interest value on deferred billings
     • Penalty clauses invoked for late delivery and failure to meet Service Levels
     • Loss of profits
     • Additional cost of credit through reduced credit rating
     • Fines and penalties for non-compliance
     • Liability claims
     • Additional cost of advertising, PR and marketing to reassure customers and prospects to retain market share
     • Additional cost of working; administrative costs; travel and subsistence etc.
  51. Hacking Tools - YouTube Movies
     • http://youtu.be/89fXxmaca4E
     • http://youtu.be/x56j2BRkUME
     • http://youtu.be/DU8hg4FTm0g
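
The Return on Security Investment arithmetic from slides 43 to 49 (SLE x ARO = ALE, then payback), worked through as an added example that is not part of the original deck. The row values are transcribed from slide 48; the payback formula (capital divided by monthly loss avoided minus monthly maintenance, rounded up, with the control assumed to remove the whole loss) and all function names are assumptions of this example.

```python
import math
from dataclasses import dataclass

MINUTES_PER_YEAR = 365 * 24 * 60  # slide 44 counts every minute as one event


@dataclass(frozen=True)
class Risk:
    number: int
    vuln: str
    asset: str
    sle: int         # $ loss on a single occurrence, as printed on slide 48
    aro: int         # annualized rate of occurrence, as printed
    stated_ale: int  # annualized loss expectancy, as printed


# Rows transcribed from the slide 48 table (whole dollars).
REGISTER = [
    Risk(1, "DoS", "Server", 50_000, 7, 350_000),
    Risk(2, "DoS", "Server", 50_000, 7, 350_000),
    Risk(3, "Degradation", "Server", 25_000, 5, 125_000),
    Risk(4, "Spoofing", "Server", 35_000, 5, 175_000),
    Risk(5, "DoS", "IP Phone, Softphone", 50, 35, 1_750),
    Risk(6, "DoS", "IP Phone, Softphone", 50, 35, 1_750),
    Risk(7, "Degradation", "IP Phone, Softphone", 25, 25, 625),
    Risk(8, "Spoofing", "IP Phone, Softphone", 500, 25, 6_250),
    Risk(9, "Hijack", "IP Phone, Softphone", 500, 25, 6_250),
    Risk(10, "Sniffing", "IP Phone, Softphone", 500, 25, 6_250),
    Risk(11, "Buffer overflow, shell code", "Softphone", 3_000, 35, 105_000),
    Risk(12, "Buffer overflow, shell code", "Softphone", 3_000, 35, 105_000),
]


def ale(sle, aro):
    """Annualized Loss Expectancy = SLE x ARO (slide 43)."""
    return sle * aro


def audit_register(register):
    """Return (stated total, recomputed total, row numbers whose printed
    ALE differs from SLE x ARO)."""
    stated = sum(r.stated_ale for r in register)
    recomputed = sum(ale(r.sle, r.aro) for r in register)
    mismatched = [r.number for r in register
                  if ale(r.sle, r.aro) != r.stated_ale]
    return stated, recomputed, mismatched


def theft_of_service_ale(trunks, utilization_pct, stolen_pct, rate_cents_per_min):
    """Slide 44 toll-fraud model, kept in integer cents to avoid float drift."""
    utilized = trunks * utilization_pct // 100      # 500 trunks at 50% -> 250
    stolen = utilized * stolen_pct // 100           # 20% of 250 -> 50
    sle_cents_per_min = stolen * rate_cents_per_min  # 50 x 2 cents -> $1/min
    return sle_cents_per_min * MINUTES_PER_YEAR // 100  # dollars per year


def payback_months(capital, monthly_loss_avoided, monthly_maintenance):
    """Whole months until net monthly savings cover the capital cost
    (simple undiscounted payback; an assumption of this example)."""
    net = monthly_loss_avoided - monthly_maintenance
    if net <= 0:
        raise ValueError("control costs more per month than the loss it avoids")
    return math.ceil(capital / net)


if __name__ == "__main__":
    stated, recomputed, bad_rows = audit_register(REGISTER)
    print(f"Loss of service ALE: stated ${stated:,}, recomputed ${recomputed:,}")
    print(f"Rows where printed ALE != SLE x ARO: {bad_rows}")
    print(f"Theft of service ALE: ${theft_of_service_ale(500, 50, 20, 2):,}")
    print("Payback, SIP trunk case (slide 45):",
          payback_months(96_445, 43_200, 1_224), "months")
    print("Payback, IP-PBX case (slide 49):",
          payback_months(260_345, 100_000, 2_625), "months")
```

The audit flags rows 8 to 10, where the printed ALE of 6,250 does not equal $500 x 25; both the stated and the recomputed totals still round to the slide's ~$1.2 million.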
