VoIP News
VoIP Providers
VoIP Books
VoIP Software
VoIP Jobs
VoIP Events Calendar
VoIP FAQ
Archives
Contact
About
Sipera Systems Reports VoIP Toll Fraud Continues to Escalate
Sipera Systems
reports that VoIP toll fraud continues to escalate, based on evidence uncovered in numerous VoIP and UC architectures. Across dozens of security architecture reviews and solution deployments, Sipera's security experts have discovered numerous cases of vulnerabilities commonly exploited for toll fraud, including confirmed fraud resulting in losses ranging from a few thousand dollars to hundreds of thousands of dollars.
The vulnerabilities affect both enterprises and service providers, and they stem from widespread gaps in insufficient VoIP and UC security architectures. Toll fraud occurs when unauthorized users, often external to the service provider or enterprise, exploit vulnerabilities to make toll calls to domestic or international locations. The unsuspecting enterprise or service provider is subsequently hit with extraordinarily high toll charges or call termination charges that have no clear cause.
The primary security architecture shortcomings leading to toll fraud include:
Telecom Connectivity Vulnerabilities: Many enterprises have moved to SIP trunking for low-cost telecommunications connectivity. Unfortunately, these enterprises often rely on Session Border Controllers for security of real-time VoIP and UC traffic, making them highly vulnerable to toll fraud. In production security architecture analysis, Sipera has identified nine common configuration errors, vulnerabilities and functional limitations that leave enterprises using SBCs for VoIP security exposed to toll fraud risk.
Application-Level Vulnerabilities: In many cases, application servers, voicemail systems, and other communication systems can be easily exploited by fraudsters because of weak passwords and authentication schemes. Furthermore, security policy enforcement mechanisms in such systems are often inadequate to stop fraudsters from using them to gain access to toll calling facilities.
End-Point Vulnerabilities: Weak security on user devices and inadequate authentication schemes enable fraudsters to exploit these devices to pose as authorized users and gain access to toll calling facilities.
Along with partners like Vigilar, Sipera Systems and Sipera's VIPER Lab security research and consulting arm offer these solutions to customers seeking to improve their defenses against toll fraud:
Security assessments:
Sipera's VIPER Lab
offers the industry's most advanced VoIP and UC security architecture consulting services, including VoIP penetration testing and comprehensive UC vulnerability assessments.
Seamlessly integrated security appliances: Sipera's award-winning UC-Sec security appliances are the industry's only purpose-built, comprehensive security solutions designed for real-time VoIP and UC traffic. Used in dozens of deployments worldwide, UC-Sec prevents toll fraud in VoIP and UC via policy enforcement, access control, threat mitigation and encryption. UC-Sec fits flexibly into any security architecture to complement and enhance an enterprise's security posture.
Posted on Jun 08, 2009
Reviews
|
Share
|
Digg
Filed in:
Security
Related Entries
•
Security Researcher Demonstrates Enterprise VoIP Phone Hack at Recent Amphion Forum
•
Vertex Telecom Selects RedShift Networks as the VOIP/SIP Security Solution for Enterprise and Wholesale Customers
•
netTALK Announces Free Advanced Privacy Features Added to its DUO VoIP Devices
•
Sangoma Enhances IP Security Offering with SBC Release
•
VoIP Fraud Could Kill Your Company - FraudStopper Kills the Fraud
•
VoIP Supply Adds Grandstream IP Surveillance Line
All comments require the approval of the site owner before being displayed.
Post a Comment
Please use a valid e-mail address. Your address will not be publicly visible and is only a means for us to contact you when asked. Thank you.
Name
E-mail
(will show your
gravatar
icon)
Home page
Remember Me
Comment (Some html is allowed:
)
Enter the code shown (prevents robots):
All brand, company, and product names are trademarks or registered trademarks of their
respective owners. © 2012 VoIP Monitor. All rights reserved.
Privacy Policy
Terms
SUBSCRIBE
Subscribe to our RSS feed
Bookmark VoIPMonitor.net
Subscribe to our newsletter via email
News Categories
Asterisk
Bluetooth Headsets
E911
General
Hardware
Investments
iPad
iPhone
Mergers and Acquisitions
Mobile VoIP
Offbeat News
Security
SIP
VoIP Advice
VoIP Awards
VoIP Bloggers
VoIP Books
VoIP by Region
Africa
Asia
Australia
Europe
Middle East
North America
South America
VoIP Events
VoIP Jobs
VoIP Products
VoIP Promotions
VoIP Providers
ATT
Fusion
Google Talk
Lingo
MCI
MSN Messenger
Net2Phone
Packet8
Phone Power
Pingo
Qwest
RingCentral
SBC
Skype
SunRocket
Verizon
ViaTalk
Vonage
Yahoo Messenger
VoIP Reports
VoIP Software
VoIP Solutions
VoIP Wireless
WiFi
VoIP Information
Tom Keating
Alec Saunders
Andy Abramson
Garrett Smith
Jeff Pulver
Om Malik
Thoughts on VoIP
Solomon's VoIP World
VoIP Weblog
VoIP Guide
Archives
May, 2013 (2)
December, 2012 (3)
November, 2012 (7)
October, 2012 (19)
September, 2012 (5)
August, 2012 (10)
July, 2012 (24)
June, 2012 (18)
May, 2012 (28)
April, 2012 (20)
March, 2012 (16)
February, 2012 (12)
January, 2012 (12)
November, 2011 (21)
October, 2011 (28)
September, 2011 (23)
August, 2011 (26)
July, 2011 (26)
June, 2011 (38)
May, 2011 (59)
April, 2011 (49)
March, 2011 (67)
February, 2011 (68)
January, 2011 (54)
December, 2010 (45)
November, 2010 (43)
October, 2010 (47)
September, 2010 (43)
August, 2010 (32)
July, 2010 (28)
June, 2010 (39)
May, 2010 (46)
April, 2010 (36)
March, 2010 (52)
February, 2010 (45)
January, 2010 (44)
December, 2009 (41)
November, 2009 (46)
October, 2009 (54)
September, 2009 (58)
August, 2009 (29)
July, 2009 (36)
June, 2009 (32)
May, 2009 (32)
April, 2009 (13)
March, 2009 (47)
February, 2009 (37)
January, 2009 (53)
December, 2008 (44)
November, 2008 (56)
October, 2008 (51)
September, 2008 (50)
August, 2008 (41)
July, 2008 (50)
June, 2008 (52)
May, 2008 (53)
April, 2008 (64)
March, 2008 (59)
February, 2008 (53)
January, 2008 (65)
December, 2007 (39)
November, 2007 (33)
October, 2007 (65)
September, 2007 (29)
August, 2007 (52)
July, 2007 (49)
June, 2007 (59)
May, 2007 (64)
April, 2007 (43)
March, 2007 (66)
February, 2007 (100)
January, 2007 (108)
December, 2006 (86)
November, 2006 (100)
October, 2006 (86)
September, 2006 (55)
August, 2006 (31)
July, 2006 (76)
June, 2006 (79)
May, 2006 (87)
April, 2006 (45)
March, 2006 (55)
February, 2006 (55)
January, 2006 (56)
December, 2005 (53)
November, 2005 (61)
October, 2005 (13)
September, 2005 (42)
August, 2005 (57)
April, 2005 (57)
March, 2005 (21)
February, 2005 (15)