Concept Note. powering the ROC. PBX Hacking. www.subex.com



Similar documents
Preventing Telecommunication Fraud in Machine-to Machine Communications

ROC Data Integrity Management - Leased Line Cost Recovery

Bypass Fraud- Are you getting it right?

WHAT THE FRAUD? A Look at Telecommunications Fraud and Its Impacts

PBX Security in the VoIP environment

VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======

PBX Fraud Information

PBX Fraud Educational Information for PBX Customers

CCT Telecomm offers the following tips to ensure your protection from phone fraud at your home or business:

NICC ND 1438 V1.1.1 ( )

ROC FRAUD MANAGEMENT. fraud management. Driving fraud prevention. Real-time protection from next-gen fraud types. On-the-go Decisioning

Business Telephony Security

With 360 Cloud VoIP, your company will benefit from more advanced features:

Protecting Mobile Networks from SS7 Attacks. Telesoft White Papers

VOIP THEFT OF SERVICE: PROTECTING YOUR NETWORK ======

8335 Guilford Road Suite H Columbia MD

Glossary of Telco Terms

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Hosted VoIP Feature Set

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

VOIP THE ULTIMATE GUIDE VERSION /23/2014 onevoiceinc.com

International Dialing and Roaming: Preventing Fraud and Revenue Leakage

Auto Attendants. Call Management

Cyber Security Breakout Session. Ed Rosenberg, Vice President & Chief Security Officer, BMO Financial Group Legal, Corporate & Compliance Group

Cloud9 Hosted PBX Feature Guide

Internet Telephony Terminology

Hosted Business Class VoIP Features

AUTO ATTENDANTS CALL MANAGEMENT

Franchise Data Compromise Trends and Cardholder. December, 2010

How To Protect A Call Center From Fraud

Hosted PBX Features List

BP_UserGuide_1113. Business Phone User Guide

Fibernetics Digital PBX Training Manual

Voice Over IP is it hype or can it work for me? By American Business Communication Inc.

IT Security Risks & Trends

The Self-Hack Audit Stephen James Payoff

InSciTek Microsystems 635 Cross Keys Park Fairport, NY Setting up Your Phones

The Business Value of Call Accounting

Network Security Policy

Automatic Route Selection (ARS)

Contents. Specialty Answering Service. All rights reserved.

Telco Depot IP-PBX Software Features

ATA: An Analogue Telephone Adapter is used to connect a standard telephone to a high-speed modem to facilitate VoIP and/or calls over the Internet.

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

Firewalls Overview and Best Practices. White Paper

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Managing IT Security with Penetration Testing

BP_UserGuide_0113. Business Phone User Guide

VOIP Security Essentials. Jeff Waldron

DigiDial- VoIP SSMM Service Overview No Boundaries outside the box of traditional telephony P er ver OecioV

VoIP: The Evolving Solution and the Evolving Threat. Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide

Table of Contents. Introduction to SMB Phone Systems. Types of Commercial Phone Systems. Sizing Office Phone Systems. Features of Office Phone Systems

HANDBOOK 8 NETWORK SECURITY Version 1.0

Protect your Business phone systems from FRAUD!

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Simplify Your Network Security with All-In-One Unified Threat Management

Enterprise Phone Systems. The Complete Buyer s Guide

TELECOM FRAUD CALL SCENARIOS

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

Home Phone Call Forward Guide

Remote Access Security

Cisco Unified MobilityManager Version 1.2

NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

APPENDIX 8 TO SCHEDULE 3.3

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

Xorcom IP-PBX Software Features

Initials. MTN SIP Trunk. Service Description

Device SIP Trunking Administrator Manual

About Cerebrus Solutions Limited. This Fraud Primer is prepared by Cerebrus Solutions

Fonality. Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V p13 Configuration Guide

FFIEC CONSUMER GUIDANCE

Unified network traffic monitoring for physical and VMware environments

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014

Feature Reference. Features: Call Forwarding Call Waiting Conference Calling Outbound Caller ID Block Last Call Return Voic

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Protecting the Palace: Cardholder Data Environments, PCI Standards and Wireless Security for Ecommerce Ecosystems

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Making the leap to the cloud: IS my data private and secure?

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011

Transcription:

Concept Note powering the ROC PBX Hacking

Introduction A PABX/PBX (Private (Automatic) Branch exchange) is telephone equipment that is installed on corporate premises to provide a number of telephone extensions within an office and operate as a connection between the business and the external dial-out network. A PBX allows sharing of outside lines and thus significantly reduces the number of such lines needed to be leased from a Telco. PBXs have evolved over time in much the same way that Telcos have evolved, moving from circuit switched to IP-based packet technologies. An on-site PBX provides more telecommunications service control to the organization. Today, even the most basic PBX systems have a wide range of capabilities that were previously only available in advanced large-scale switches. Today s voicemail platforms often have similar capabilities to PBXs, and thus are prone to similar attacks. Typically, incidents tend to occur when business premises are unattended, PBX use is not monitored, and/or the PBX is accessible externally. Calls are placed and routed via the PBX and, in the majority of cases; the business owners are unaware of the event. In the most extreme cases, losses of thousands of Dollars can be incurred by businesses due to this type of fraud. We should understand that these attacks are possible because the victims are largely unaware of the potential threats and the PBXs in question have not been properly secured. Popular methods of hacking PBXs are summarized in diagram below. Tricking geniune users to forward calls (#90 type tricks) Brute force attack using sophisticated diallers etc. Default password works!! Unauthorized access from modem attached to PBX maintainance port PBX Hacking Internal users are misusing passwords Brute Force Attacks: Typically, the PBX security is breached via the toll-free Direct Inward System Access (DISA) number. Many PBXs allow dial-through, wherein a person calling into the PBX can access an external line by using appropriate passwords and control sequences. Large corporates use this feature extensively. Fraudsters hack into the PBX, obtain passwords and once a password is retrieved, use the PBX to generate outbound calls (typically for call selling or PRS revenue share). 02 Subex Limited

War dialing is one of the techniques used for obtaining passwords. It involves the fraudster trying to break PBX code using an auto dialer, which keeps on dialing same number in a sequence making an exhaustive search of passwords until it breaks through. Default Passwords: One of the largest contributing factors in PBX hacking and misuse is careless PBX installation and poor configuration, leaving default user and maintenance port passwords in place (fraudsters know the default passwords for the various switch vendors). PBX fraud commonly occurs when the customer fails to change the default password or do not change passwords frequently. Default passwords can be found online in the relevant PBX user manuals etc. Telco and PBX vendors should advise corporate customers to changes all default settings and passwords. This will prevent easy hacking opportunities for fraudsters. Internal Enemy: Many cases of PBX hacking result from insiders or vendors who disclose the phone numbers, IDs and passwords necessary for breaching PBX security. Sometimes the users may get hold of passwords by unauthorised means and use the corporate lines for making personal calls or colluding with external fraudsters to help in PBX hacking. Strict security Policies should be in force for PBX password control. The physical security of PBXs and phone extensions is also an important factor to consider in avoiding misuse of PBXs. Social Engineering: The old traditional (wired) phone scam involving the 90# buttons on corporate telephone lines is still around. Employees of a corporation using a PBX line from their desk, receives a call from someone claiming to be a telephone company employee investigating technical problems with line, or checking up on calls supposedly placed to premium rate services or other countries from your line. The caller asks the employee to aid the investigation by either dialing 90# (or similar combination) or transferring him/her to an outside line before then hanging up the telephone receiver. By doing this the employee will be enabling the caller to place calls that are billed to the corporate telephone account. This attack only works on few PBXs today. Social engineering is another common technique used for obtaining passwords. Service Port: PBX hackers may also target modems attached to the service PORT of a PBX. The facility is provided by PBX manufacturers to allow remote support of the PBX. Typically, the connection should be opened only when an authorized request goes from the PBX customer to the PBX vendor, but many PBX customers keep the connection always open and therefore prone to attack. In addition to theft of service, the following misuse can occur through PBX hacking: Disclosure of Information such as eavesdropping on conversations, or gaining unauthorized access to routing and address data. Modifying Data such as change billing information, or modify system tables to gain access to additional services. Denial of Service attacks such as changing passwords to deny access, or forcing PBX to fail or degrading quality through excessive calling volume. Traffic Analysis such as observing information about calls and make inferences (industrial espionage), e.g. from the source and destination numbers, or frequency and length of calls. 03 Subex Limited

Preventive Actions Telco Customer: Should be informed of potential security threats to the PBX; Should maintain and enforce good security policies for the PBX; Should educate employees about threats (especially social engineering related) used for PBX hacking; Should ensure physical security of the PBX, phone lines and other equipment; Should Monitor international calls and high value services use through the PBX. Telco Protection through the FMS: Simply by monitoring high usage for types of calls or traffic not expected for corporate customers. PRS calls, content download, and international calls to high-risk countries during unusual hours (e.g. night or weekend) can be good indicators that a company s PBX has been penetrated. Since many companies don t closely monitor their detailed phone bills on a line-by-line basis, this can otherwise go unnoticed for long periods of time. FMS rules should be configured for off peak monitoring with appropriate filters and thresholds, high usage monitoring for PRS, content and International services, hotlist rules for high risk country codes and equipment identifiers. It is advised that xdrs (Usage record) processed in the FMS should have a field indicating whether a call originated or terminated at PBX. Once PBX hacking is detected, similar compromised lines can be identified based on behavioral profiles of blacklisted subscribers. Authorization failures from PBX (or Voicemail) authentication can be monitored using rules on log files. Profiling can be used to spot sudden changes in volume and/or the nature of use of PBXs. Again this is a strong indicator that a PBX has been hacked. Further Reading: http://www.infosecurity-magazine.com/view/2182/pbx-hacking-moves-into-the-professional-domain-as-arrestsstack-up-/ http://www.experts-exchange.com/articles/other/miscellaneous/phone-pbx-hacking-prevention-tips.html 04 Subex Limited

About Subex Subex Limited is a leading global provider of Business Support Systems (BSS) that empowers communications service providers (CSPs) to achieve competitive advantage through Business Optimization - thereby enabling them to improve their operational efficiency to deliver enhanced service experiences to subscribers. The company pioneered the concept of a Revenue Operations Center (ROC ) a centralized approach that sustains profitable growth and financial health through coordinated operational control. Subex's product portfolio powers the ROC and its best-in-class solutions such as revenue assurance, fraud management, credit risk management, cost management, route optimization, data integrity management and interconnect / inter-party settlement. Subex also offers a scalable Managed Services program and has been the market leader in Business optimization for four consecutive years according to Analysys Mason (2007, 2008, 2009 & 2010). Business optimisation includes fraud, revenue assurance, analytics, cost management and credit risk management. Subex has been awarded the Global Telecoms Business Innovation Award 2011 along with Swisscom for the industry s first successful Risk Reward Sharing model for Fraud Management. Subex's customers include 16 of top 20 wireless operators worldwide* and 26 of the world s 50 biggest # telecommunications service providers. The company has more than 300 installations across 70 countries. *RCR Wireless list, 2010 #Forbes Global 2000 list, 2010 Subex Limited Subex Inc. Subex (UK) Limited Subex (Asia Pacific) Pte. Limited Adarsh Tech Park, Devarabisanahalli, Outer Ring Road, Bangalore - 560037 India 12101 Airport Way, Suite 300 Broomfi eld, Colorado 80021 USA 3rd Floor, Finsbury Tower, 103-105 Bunhill Row, London, EC1Y 8LZ UK 175A, Bencoolen Street, #08-03 Burlington Square, Singapore 189650 Phone: +91 80 6659 8700 Fax: +91 80 6696 3333 Phone: +1 303 301 6200 Fax: +1 303 301 6201 Phone: +44 20 7826 5420 Fax: +44 20 7826 5437 Phone: +65 6338 1218 Fax: +65 6338 1216 Regional offices: Dubai Ipswich Sydney

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information