As VoIP Fraud Mounts, Security Spending Drops

Though analysts report VoIP toll fraud on the rise, operators haven’t marshaled existing resources to combat it – and the recession means things are likely to get worse before they get better.

Sipera Systems, which makes security software for unified communications platforms, said in early June it has discovered “numerous” cases of vulnerabilities exploited for toll fraud. Enterprises and service providers alike are hit hard by the illegal activity, the cost of which can go as high as hundreds of thousands of dollars a year, Sipera reported.

Toll fraud happens when attackers infiltrate networks and call control systems, then hijack them to make long-distance and international phone calls. Sometimes they infiltrate carriers' accounting systems; other times, they redirect inbound calls to a media gateway to gain unauthorized use of a VoIP network.

"We'd expected a correlation between growing awareness of VoIP and UC vulnerabilities and security best practices, and a decrease in toll fraud activity,” Adam Boone, Sipera’s marketing vice president, said in a statement. “But we are finding the opposite, that toll fraud actually is on the rise.”

Service providers will come under more attacks as they switch to IP infrastructure, added security guru Richard Stiennon, founder of consultancy IT Harvest. In IP-based environments, he said, “there are more opportunities to do nasty things, so hackers might as well go for the gold.”

In many ways telecom operators have seen this situation before, he said. That’s because often the rollout of new services precedes their lockdown.

Déjà Vu All Over Again

“Service providers have to deploy in the most effective way to get business started,” Stiennon added, “then once the business is successful they start experiencing attacks.” Providers – and, often, their enterprise customers that are deploying UC platforms – must then invest in expensive after-the-fact tools to fight the attacks. Closing the barn door after the horses have escaped is always more expensive than locking it in the first place.

The best practices come embedded, as it were. First, dual-mode handset makers should use chips that incorporate built-in security elements into small devices. VoIP equipment manufacturers should do the same. Finally, service providers should filter malware and analyze content including SMS messages and Web links. It’s not only voice-over-IP services being attacked; all voice toll fraud is up, Stiennon cautioned, accelerated by the spread of malware that spreads randomly over the Web.