The problem goes far beyond the leaking of sensitive emails and sexy selfies. Poorly managed IP Telephony is just one more way open for attack from Cybercrime.
Targeted attacks against small businesses nearly doubled in 2013 and of the one in five that experience a cyber-attack annually, 60% will close their doors within six months as a result. Poorly managed IP Telephony is just one more way open for attack from Cybercrime.
Talking Business uses many complex ways to safeguard our customers from Cybercrime. One very simple thing we do though is to allocate every IP Telephony account a managed credit limit. Not all providers are so diligent yet this eliminates the potential of a very expensive Cybercrime attack.
We recently discovered that one of our Sydney customers had used all of their managed credit overnight. All the call charges were for legitimate calls made to a Perth number. The problem was that they were made on a Sunday and there were over a thousand of them to the same number. Our IP Telephony service had not been compromised but deeper investigation found that their PABX had been hacked and a diversion placed onto one of the extensions that had a Direct In-Dial (DID).
On the surface this doesn’t sound too troublesome and is easily defended against, however, what transpired in Western Australia defies belief. That site too had been compromised. What we had was a very complex cyber-attack that involved three locations. A Melbourne VoIP user was hacked and that system then called our client in Sydney on the DID that had the diversion to Perth. Both the Sydney and Perth services were threat managed but both saw legitimate Australian callers and allowed the calls to proceed. The cost to our customer was only $111 (which we decided not to pass on in this instance) but tracing the calls to their completion suggested that the Perth phone system would have sustained costs in excess of $50,000.
Something else worth noting here is that the Perth system was using ISDN. It is not just IP Telephony that is at risk as most corporate PABX telephone systems have the potential to be hacked and that includes ISDN and PSTN.
We used what we learned from this incident to extend our threat management control services to now also block this type of Cybercrime making Talking Business one of the most secure IP Telephony providers in the country. To date we have never had a successful Cybercrime attack on any of our customer’s accounts.
If you are unsure as to how well you are protected then call us on 1300 666 765 or use our Contact Us page and ask for a Threat Review of your system. Now you’re talking!
Do you have a question? Please submit by clicking here and we’ll consider posting it in the next newsletter.