This week on the Digium blog we are discussing security in the context of SMB unified communications. In today’s post we’ll explore some common threats and why they are dangerous. Becoming familiar with the terminology used is the first step in securing your system. Later in the week, we’ll discuss what you can do to protect your system against these threats.
There are many threats that can affect a business phone system. In this post we’ll discuss four of the most common: Toll Fraud, Denial of Service, Man in the Middle, and Social Engineering. Knowing what kind of damage can be done serves to illustrate the importance of securing your phone system.
Toll Fraud
Toll Fraud is a common attack against business phone systems. In this type of attack, the malicious agent attempts to gain access to your long-distance, toll-bearing trunks. If they are able to make calls using your long-distance account, they can get free calls and you end up paying long-distance fees to your upstream provider. This can be especially damaging if international calls are made. Companies with VoIP systems that are compromised by toll fraud are often left liable for tens of thousands, or even hundreds of thousands, of dollars in long-distance fees.
Denial of Service
A “DoS” or Denial of Service attack is one in which an attacker compromises your system in such a way as to make it inaccessible to your users. DoS attacks can be targeted at specific services, such as the ability to dial out over trunks or access to remote UC features, or, in a worst-case scenario, can bring down the entire system so that even inter-office calls cannot be made. When your system is unavailable to users due to a DoS attack, you will see the cost in lost time and productivity, not to mention the loss of reputation in the eyes of customers who are unable to communicate with you.
Man in the Middle
A Man in the Middle attack occurs when an attacker intercepts your traffic and then passes it along. You may not know that a Man in the Middle attack is occurring because your services appear to be working normally. However, if an attacker is able to intercept authentication credentials, they could use this information to perform a DoS or Toll Fraud attack. Additionally, the attacker could gain access to private or privileged information.
Social Engineering
The easiest way to exploit a technology is to attack humans instead of attacking the technology. Modern, sophisticated attackers will often try to gain access to your system via social engineering rather than technical exploits. An example would be a malicious attacker calling one of your users pretending to be your IT department. They might ask the user for their password in order to fix an imaginary problem. The unsuspecting user offers their authentication credentials freely. The attacker now has access to your system.
These are just a few of the most common types of attacks. Tomorrow, we’ll look at some Security Basics and begin to explore what it takes to protect your system from attack.