BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Prevent Hackers from Stealing Your VoiP and Costing You Money

Prevent Hackers from Stealing Your VoiP and Costing You Money

Hackers Stealing VoIP

Best ways to prevent your business from losing money because of hackers stealing your VoIP service.

In 2017, telecom fraud amounted to $29.2 billion in losses to organizations and carriers, according to No Jitter. One form of telecom fraud is theft of service, which is obtaining service through an individual or company without payment. VoIP is much more prone to theft of service than traditional telephony services. Service can be stolen through hackers stealing user names, passwords, and other account information. Hackers also can introduce malware into the system to more easily enable theft. Unfortunately, the Federal Communications Commission has not issued any regulations on VoIP fraud, which means that businesses are still liable for any hacked calls. Fortunately, businesses can take some precautions to prevent theft.

Protect Passwords

When businesses buy a new phone, they should always change the password from the factory settings. Some phones use different passwords for the phone interface and web interface. In this case, unique passwords should be used for each interface. Passwords should be made secure by changing them every six months and requiring at least 12 characters including upper and lower case letters, symbols and numbers. Businesses also should regularly update the admin portal password for the VoIP provider.

Limit Physical Access

VoiP phones and other instruments should be kept in a locked space to prevent unauthorized access. The environment of the space should be maintained within the limits set by the equipment manufacturer. Secure access panels to the air conditioning and power.

Build Security in Layers

To prevent attacks and service theft, an organization should plan its VoIP system as carefully as it does its data network. One way is to plan security in layers.

  • The first layer of security is preventing intrusions on the network. To secure the network, use VoIP-aware firewalls and shut down ports at any sign of malicious behavior, according to Tech Target.
  • The second layer of security is phone authentication. The phone will not be authorized to the network or to the IP PBX unless a mutual certificate exchange or a certificate and dongle architecture have authenticated it, according to Tech Target.
  • The third layer involves encryption or authentication between the media and various channels. This means media gateways, ALGs, firewalls and NAT devices, and SBCs, according to Tech Target.
  • Finally, the fourth layer is user authentication. Only users authenticated via a user name and password or token device or mutual swap should be allowed to make or receive phone calls, according to Tech Target.

Disable International Calling

Most hackers go after the more expensive international phone numbers. Businesses that don’t need to regularly make international calls can disable international calling, using an international calling card when necessary. If regular international calling is required, businesses should carefully check invoices to be sure all calls made are legitimate.

More Like This

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic …

AA20-227A: Phishing Emails Used to Deploy KONNI Malware Read More »

Read More

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Original release date: August 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for …

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails Read More »

Read More

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020 Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) …

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices Read More »

Read More

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902 on June 30, 2020.[1] Unpatched F5 BIG-IP devices are an attractive target …

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902 Read More »

Read More

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations. Over recent months, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity …

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems Read More »

Read More

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Original release date: July 16, 2020 Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneling and spoofing techniques to a specific threat actor is difficult. …

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation Read More »

Read More