Safeguarding Networks Against Fraud. Connections 2014


Safeguarding Networks Against Fraud
Agenda
- Toll Fraud and VoIP Hacking: Elliot Zeltzer, VP IP Engineering, BullsEye Telecom
- BroadSoft Tools & Tips for Fraud Prevention: Rodney Barney, Director, BroadSoft Global TAC
- Comments on Fraud Detection: Jim Dalton, CEO TransNexus
- Questions for the panel / Open Q&A: David Dibert, Sr Director, BroadSoft Global TAC
- Highlights of Partners at Connections: Elvis Tucker
#BC14 BROADSOFT CONNECTIONS 2014 PAGE 2

Watch for news about our 2015 Technical Summits!
- Over 350 customers attended in 2014
- April - June, 2015:
  - USA (East and West coast)
  - Europe
  - Melbourne Australia
  - CALA or S. Korea?

Toll / Network Fraud and VoIP Hacking
Elliot Zeltzer, Vice President of IP Network Engineering, BullsEye Telecom

Toll / Network Fraud and VoIP Hacking
The escalating cost of toll fraud
- The estimated cost of toll fraud, or phone hacking, to businesses is $4 billion annually; double the cost of credit card fraud.
- Toll fraud is alive and well (NetworkWorld)
  - the U.S. government announced it had broken up a $55 million toll fraud ring that was operating internationally and targeting enterprise PBXs
  - authorities in the Philippines arrested six adults and three minors for hacking AT&T and causing a $24 million loss for the carrier and its clients over the past few years

Toll / Network Fraud and VoIP Hacking
How are toll fraud and VoIP hacking manifested?
- Direct theft of services
- Monetization
- Industrialization of theft
- Not kids, not the curious
- The speed at which vulnerabilities are converted into cash will amaze you
- Malicious disruption / denial of service
- Compromise
- Customer service delivery
- Carrier service delivery
- Extortion
- Cryptolocker
- Social engineering to gather and construct elements of identity theft

Toll / Network Fraud and VoIP Hacking
How did we get here?
- Moved from TDM to VoIP
- Applied the same security and control constructs that we have used (or not) to VoIP
- Or
- Failed to assure that all of the IP best practices we instituted

Toll / Network Fraud and VoIP Hacking
What is Toll Fraud and VoIP hacking (an abbreviated list)
Toll fraud legacy model
- Traditionally a function on the TDM network
- Carrier based
- Call / traffic pumping
- Call redirection
- Voice mail hijacking / outcalling
- Platform remote access credential compromise
Toll fraud new model (IP based telephony)
- Anyone who has an IP based telephony platform!
- Endpoint hijacking
- Host or Remote SBC (session border control) compromise
- Platform credential compromise
  - VoIP session
  - VoIP customer portal
  - VoIP management platform
- Call forwarding redirect
- Voice mail hijacking / outcalling

Toll / Network Fraud and VoIP Hacking
Why have we become (more) vulnerable?
- TDM has points of entry that have been known for nearly 100 years
- Moved to VoIP
- TDM folks didn't understand that all the flaws of IP immediately became an open door to attack VoIP

Toll / Network Fraud and VoIP Hacking
Your VoIP Delivery Network
- An IP telephony eco system
- Best practices for IP Network design
- Firewall
- Host server setup and administration
- Partitioning and logical function separation
- NIDS, NIPS, HIDS
- Log collection digestion and interpretation
- Aggressive interaction with suppliers
- Periodic security audits and intrusion testing

Toll / Network Fraud and VoIP Hacking
Tooling to catch and prevent
- Secure your VoIP eco system
- Secure the front door!
- Best practices
- IP network
- VoIP headend
- VoIP endpoints
- Credentialing
- Use Broadsoft security toolkit
- Activate toll fraud script
- Central credential infrastructure
- Encrypt device management
- Forensics
- Use CDR analytics
- Syslog and SIP heuristics for threat detection

Toll / Network Fraud and VoIP Hacking
Who can help you?
- Join CFCA (Communications Fraud Control Association) http://www.cfca.org
- Your suppliers
- Make each and every one of your VoIP technical supplier chain put skin in the game
- Hire the right staff
- Hire the right consultant(s)
- Do periodic security audits and intrusion tests

Toll / Network Fraud and VoIP Hacking
Goal
- No system is perfect
- Build defenses high enough to cause the Fraudster / Hackster to go to someone else
- All of us raise the barriers high enough to have them go to somewhere else
- Build a moat with flaming oil, broken glass and barbed wire around your VoIP Eco system.

Thank You!

Protecting Your Network Against Fraud, Connections 2014
David Dibert, Sr. Director, Global Technical Assistance Centers, BroadSoft Inc.
Rodney Barney, Director, Global Technical Assistance Centers, BroadSoft Inc.

Highlights on BroadWorks Fraud Concerns Risk Areas and Reporting Process

Fraud Risk Perpetrators
Fraud attempts can occur from three types of parties:
- An Outside Hacker
- A Dishonest Customer
- Internal Employee Attack

Fraud Risk Areas And BroadWorks Toolkit
- Industry Identified Fraud Risks Areas
  - Voice Portals
  - Web/Client Portals
  - SIP Endpoints
- The BroadWorks Security Toolkit can be used to help identify and mitigate fraud
  - Identify tools available via BroadWorks

Industry Identified Fraud Risks Areas - Voice Portal
High Risk Area
- BroadWorks Voice Portal supports two services that can be the source of fraud
  - Voice Portal Call Forwarding Always programming and activation
  - Voice Portal Calling Service
- How do they get in?
  - Hacker is aware of number ranges belonging to the Service Provider
  - Once the Voice Portal is accessed, the hacker tries to brute force the passcode (weak passwords are a concern)
  - Once the account is compromised, the hacker looks for Call Forwarding Always Programming or Voice Portal Calling options

Industry Identified Fraud Risks Areas - Web/Client
Low Risk Area
- Hacker identifies XSP addresses and attempts to compromise account
- Common XSP applications and what is accessible
  - OpenClientServer (OCS), CommPilot, OciOverSoap
  - XSI-Actions
  - bwcallcenter & bwreceptionist
- HTTP is the main target
- Brute force attack

Industry Identified Fraud Risks Areas - SIP Endpoint
Low Risk Area
- SIP endpoints are subject to two types of vulnerabilities
  - SIP Session Hijacking: SIP is vulnerable to a number of session hijacking threats when SIP Digest-Authentication is not used
  - SIP Identity Hijacking: Password was compromised or brute force attacked
- SIP Digest-Authentication counters these threats
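What a registrar checks when SIP Digest-Authentication is enforced, as an added Python example (not BroadWorks code). It follows the RFC 2617 digest computation that SIP reuses; the user, realm, password, nonce and URI are constructed values, and the function names are hypothetical.

```python
import hashlib
import hmac
import re

def _md5(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce,
                    nc=None, cnonce=None, qop=None):
    """Digest response as defined in RFC 2617 (MD5, optional qop=auth)."""
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")        # binds the response to method and URI
    if qop == "auth":
        return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5(f"{ha1}:{nonce}:{ha2}")

def parse_authorization(header):
    """Turn 'Digest k="v", k=v' into a dict; None if it is not a Digest header."""
    scheme, _, params = header.partition(" ")
    if scheme.lower() != "digest":
        return None
    pairs = re.findall(r'(\w+)=("[^"]*"|[^,\s]+)', params)
    return {k.lower(): v.strip('"') for k, v in pairs}

def verify_request(method, auth_header, passwords, issued_nonces):
    """Registrar-side check: returns '200 OK' or '401 Unauthorized'."""
    p = parse_authorization(auth_header or "")
    needed = {"username", "realm", "nonce", "uri", "response"}
    if not p or not needed <= p.keys():
        return "401 Unauthorized"        # no usable credentials: challenge
    if p["nonce"] not in issued_nonces or p["username"] not in passwords:
        return "401 Unauthorized"        # nonce we never issued, or unknown user
    expected = digest_response(p["username"], p["realm"], passwords[p["username"]],
                               method, p["uri"], p["nonce"],
                               p.get("nc"), p.get("cnonce"), p.get("qop"))
    ok = hmac.compare_digest(expected.encode(), p["response"].encode())
    return "200 OK" if ok else "401 Unauthorized"

# Constructed values: user, realm, password, nonce and URI are all made up.
PASSWORDS = {"alice": "correct horse battery staple"}
NONCES = {"c0ffee1234"}
URI = "sip:registrar.example.invalid"
GOOD = digest_response("alice", "example.invalid", PASSWORDS["alice"],
                       "REGISTER", URI, "c0ffee1234")
HEADER = (f'Digest username="alice", realm="example.invalid", '
          f'nonce="c0ffee1234", uri="{URI}", response="{GOOD}"')
```

Because the method and URI are hashed into the response, a value captured from a REGISTER does not authorize an INVITE, and a request with no Authorization header is always challenged.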

Areas to Concentrate Hardening Efforts
Discuss ways to eliminate/mitigate these vulnerabilities and resulting fraud
- DMZ XSP Hardening
- Password Controls
- Call Processing Policies
- Outgoing Origination/Redirection Controls
- SIP Hardening Options
- Device Management Hardening
- Security Tool Kit

BroadWorks Security Toolkit
Helps detect fraud and identify exposures in the BroadWorks system
- Fraud Detection Tool: Parses CDR files, report upon and/or act upon
- Weak Password Checker: Validate AS DB passwords
- Redirecting Services Pattern Checker: Search AS DB for Frwd-to Numbers of concern
- Authentication Services Assignment Checker: Search the AS database for users without Authentication service assigned or with blank passwords

BroadWorks Fraud and Security Reporting Process
Reporting Security Vulnerability, Security Issue, or Fraud
- Through the BroadSoft Ticketing System
  - Via the problem category field
- Direct Contact via the BroadSoft TAC line
  - Contact #s on ticketing interface or in the TAC Overview on Xchange http://xchange.broadsoft.com/php/xchange/system/files/tac/broadsoft-tac-overview.pdf
- These actions will alert the BroadWorks Security Response Team (SRT) of potential Security or Fraud issues

BroadWorks Fraud and Security Reporting Process
How are Security and Fraud reports handled?
- Upon report, the Security Response Team (SRT) is alerted
- We meet on a regular basis to review all tickets submitted as a Security, Security Vulnerability, or Fraud
- We assess the criticality of each report and score them per Common Vulnerability Scoring System (CVSS)

BroadWorks Fraud and Security Reporting Process
According to criticality and risk BroadSoft will take actions, which may include:
- Alerting customers and partners with a remedy designed to reduce the risk to customer's BroadSoft product and to avoid further exposure or fraud.
- Provide patches for current releases covered under maintenance and support.
- Provide any necessary updates to the BroadSoft security documentation.
- Provide updates to our security ToolKit

Thank You!
- A special thanks to Mark Kushnir of BroadSoft for publishing a comprehensive Security Best Practices guide: http://xchange.broadsoft.com/php/xchange/node/457412
- Technical Summit Report on Security Response Metrics: http://xchange.broadsoft.com/php/xchange/system/files/tac/bestpractices/5 - Fraud and Security Best Practices Updates.pdf
- The BroadSoft Security Vulnerability Response Process: http://xchange.broadsoft.com/php/xchange/system/files/tac/bw-security-Vulnerability-Response.pdf

Traffic Pumping Fraud, Connections 2014
Jim Dalton, Founder, TransNexus

Traffic Pumping Fraud (International Revenue Sharing Fraud, IRSF)
- Traffic Pumping Fraud is the Number One Risk for Retail Service Providers
- Your Customers are your Primary Vulnerability
- A Growing Fraud Eco-System has Developed to Attack Your Customers
- Telecom Hacking Instructions are Plentiful

Telecom Hacking Tutorials

Traffic Pumping Fraud (International Revenue Sharing Fraud, IRSF)
- Traffic Pumping Fraud is the Number One Risk for Retail Service Providers
- Your Customers are your Primary Vulnerability
- A Growing Fraud Eco-System has Developed to Attack Your Customers
- Telecom Hacking Instructions are Plentiful
- Scores of Premium Number Service Providers Enable Easy Monetization

Monetize Fraud with Premium Rate Numbers

Premium Rate Number Providers
UK, USA, Australia, Cyprus, Dominica, Hong Kong, Spain, Albania, Austria, Belize, British Virgin Islands, Czech Republic, India, Netherlands, Pakistan, Russia, Seychelles, Singapore, UAE

Premium Rate Number Services

Traffic Pumping Case Study
- $166,000 Fraud Loss in 44 hours
- Fraud victim had four analog lines
- Over 568 simultaneous calls during attack to three telephone numbers in Gambia
- 22.5 calls per minute in fraud attack
- Forwarded Calls are maintained by TW Network and do not overload Enterprise Phone System
- Telephone signaling per call instructs TW Network to re-route forwarded calls to PRNs
[Diagram labels: Premium Rate Numbers (Gambia, Maldives, Somalia); Fraudster; Public Telephone Network; TW Telecom Network; Fiber; Integrated Access Device; FSF; Enterprise Phone System (Four Analog Phone Lines, Norstar ICS, Call Pilot 100); Fraud Victim]

SDReporter CDR Analytics
- Real Time Fraud Scoring
- Blacklisted Numbers
- Subscriber Credit Controls: GroupId, UserId or SIP trunk
[Diagram labels: 1. CDR Files; 2. OCI-P Command; Offnet Termination Networks]
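The signals in the case study (four lines but hundreds of simultaneous calls, 22.5 calls per minute, three destination numbers) are the kind of thing CDR analytics can score. The Python below is an added example, not SDReporter or BroadWorks toolkit code; the CDR field names, thresholds and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Country codes of the destinations named on the case-study slide.
HIGH_RISK = {"220": "Gambia", "960": "Maldives", "252": "Somalia"}

def peak_concurrency(calls):
    """Largest number of calls in progress at the same instant."""
    events = []
    for c in calls:
        events += [(c["start"], 1), (c["start"] + c["duration"], -1)]
    peak = live = 0
    for _, delta in sorted(events):      # at equal times, ends sort before starts
        live += delta
        peak = max(peak, live)
    return peak

def peak_rate(calls, window_s=60):
    """Most call attempts that begin inside any window_s-second window."""
    starts = sorted(c["start"] for c in calls)
    best = lo = 0
    for hi, t in enumerate(starts):
        while t - starts[lo] >= window_s:
            lo += 1
        best = max(best, hi - lo + 1)
    return best

def score_subscribers(cdrs, lines, max_rate=10, min_calls=20, max_targets=3):
    """Return {subscriber: [reasons]} for accounts whose high-risk traffic looks pumped."""
    by_sub = defaultdict(list)
    for c in cdrs:
        if c["called"].lstrip("+")[:3] in HIGH_RISK:
            by_sub[c["sub"]].append(c)
    alerts = {}
    for sub, risky in by_sub.items():
        reasons = []
        if peak_concurrency(risky) > lines.get(sub, 1):
            reasons.append("more simultaneous calls than subscribed lines")
        if peak_rate(risky) > max_rate:
            reasons.append("call rate above threshold")
        if len(risky) >= min_calls and len({c["called"] for c in risky}) <= max_targets:
            reasons.append("traffic concentrated on a few numbers")
        if reasons:
            alerts[sub] = reasons
    return alerts

# Constructed sample CDRs (hypothetical field names, not a BroadWorks CDR layout):
# user-a makes 45 forwarded calls in two minutes to three numbers; user-b is ordinary.
SAMPLE_CDRS = [{"sub": "user-a", "called": "+22055501%02d" % (i % 3),
                "start": i * 8 // 3, "duration": 600} for i in range(45)]
SAMPLE_CDRS += [{"sub": "user-b", "called": "+12125550100", "start": 0, "duration": 120},
                {"sub": "user-b", "called": "+2205550199", "start": 300, "duration": 60}]
LINES = {"user-a": 4, "user-b": 2}

print(score_subscribers(SAMPLE_CDRS, LINES))
```

Comparing concurrency against the subscribed line count matters here because forwarded calls are held in the carrier network, so the customer's own phone system never shows the overload.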

NexOSS SIP INVITE Analytics
Stop Fraudulent Calls Before They Enter Your Network
- 1. SIP INVITE Admission Request
- 2. Route, Divert or Block
[Diagram labels: SIP Trunking; NexOSS; SIP Phones; Soft switch; DID Providers; Inbound SIP Calls; Session Border Controller; SIP Terminators]

Thank You!

Fraud and Security Connections 2014 Partners
Booth # 27, 16, 62
- BroadWorks collects data on every call that flows through your network
- BroadSoft partners utilize big data and VoIP analytics techniques for preventing and managing fraud and security incidents
- User Profiling
- Reporting trend analysis
- Cloud-Based
- Appliance-Based
- SaaS
- User Portal
- Notification
- Attack Prevention
- Cost Analysis

Thank You!