We’ve discussed in a few of our recent posts about technical pitfalls that you should look out for while running your VoIP business. We went over the steps you should take to better prepare yourself when dealing with technical pitfalls and the tactical approaches to actually correcting them. Sounds pretty cut and dry doesn’t it?
That may seem like the case, however, left undealt with these technical pitfalls could result in a loss of customers or even worse, security threats.
In this post we’ll discuss tips for securing your network to protect you against having compromised systems, fraudulent activity, or DDoS attacks.
The DDoS Attack
Out of the box, VoIP implementations may leave some ports open and without sufficient monitoring. These, along with other default settings, could create a habitat vulnerable to a DDoS or distributed deinial of service attack. A DDoS attack is a concerted, coordinated effort to flood a network with requests. Think of it as your home unexpectedly flooding during a thunderstorm. Water keeps pouring in, flooding your home, rendering whatever living space it's invading completely useless. In the case of a DDoS attack, your network isn't necessarily penatrated, but "flooded" with busy signals making a system unusable.To combat these attacks, security experts on your team or through your wholesale VoIP provider, must ensure that unnecessary ports and services are shut down, and that the network is properly patched for newly discovered vulnerabilities.
In order to better safeguard your VoIP business from these floods it’s wise to invest in security. Deployment methods and detection systems thankfully exist to protect your best interests. A variety of methods allow your security team to gain insight into what’s going on in a network. One of the more popular approaches is flow sampling as virtually all routers support some form of flow technology, such as NetFlow, IPFIX, or sFlow. In this process, the router samples packets and exports a datagram containing information about that packet. This is a readily available technology, scales well, and is quite adequate to indicate trends in network traffic.
For the most insightful detection and fastest mitigation, you can’t beat in-path deployment of a high-performance DDoS mitigation device that is able to detect and mitigate immediately. In-path deployment allows for continuous processing of all incoming traffic (asymmetric) and possibly also the outgoing traffic (symmetric). This means the mitigation device can take immediate action.
VoIP fraud can affect any organization which uses or sells VoIP services. In most cases the fraud target is an enterprise. In fact, most enterprises never realize they have been hacked until they see the fraudulant charges piling up on their bill.
Here’s a scenario to paint a picture of how easy it is for someone to commit fraud from an end-user's account: Imagine you’re sitting down at your local coffee shop and decide to catch up with an old friend from Europe. You connect your laptop to the open Wi-Fi access in the shop, login to your provider, and make the call. But wait--right behind you someone just watched you type in your username and password. They log-in to their freely download VoIP software from the same provider and share your information with family and friends. You notice the fraudulent charges and shut the number off. However, it is far too late because now you have the largest phone bill in existence. When looking for a wholesale VoIP provider, make sure they offer fraud protection.
Scenarios such as this one happen more than any of us would like them to. This example is a minor mishap compared to what could happen on the enterprise and wholesale level. Identity theft and account cloning is a common issue online in general.
To combat identity theft and verify users, stronger authentication systems can be put in place. With strong authentication, just because someone knows a user's phone number and possibly his or her password, they would still not be able to access the account. To strengthen an authentication system, service providers could modify softphone client software by embedding user information into the application before download, making it unique to that user.
Billing fraud occurs when a VoIP caller can use unauthorized billing or credit card details from anywhere in the world. To combat billing fraud at the service provider level, even though the location specifics of the caller aren't known, call authorization can be enforced and verified at gateways. This can include identifying which called numbers have fees associated with them versus which do not, and whether or not the provider is willing to pay that fee. Additionally, service providers can block calls to and from services where there is no prior agreement in place. Certain providers can also be blacklisted until they work out a billing agreement. Gateway systems exist that can sit in front of the VoIP switching infrastructure, track each call set up and tear down and validate destination/origination authorization in real-time.
These and other fraudulent activites such as call hijacking are only a few of the severe instances that can exist in the world of VoIP fraud. Not properly mitigating your security systems, not changing the default settings, and not checking to make sure your technical pitfalls are corrected, can ultimately result in catastrophe.
Is your system compromised?
If you haven't paid any attention to your technical pitfalls and aren't sure if your system has become compromised, the first step is always to monitor for any irregularities. Check your call history, if your bills are skyrocketing out of control, or even if you're receiving fake antivirus messages; these all could be signs of a potential threat to your VoIP service.
Now is the time to use the tools we've provided to get to the root of the problem. Follow our strategies, stay on top of your security, and most importantly teach security compliance to your emloyees. Follow through accordingly and your VoIP business will be the rockstar you've always wanted it to be!