VoIP hackers strike Perth business

A hacker recently obtained unauthorised access to the IP telephony (VoIP) system of a Perth business, making 11,000 calls costing over $120,000, according to the Western Australian police.

(Credit: ZDNet.com.au)

The calls were made over a period of 46 hours, the police said, and the business only became aware of the imposition when it received an invoice from its service provider.

Thieves have always targeted PBX systems by finding numbers used for remote calling — for mobile employees or those requiring international call access outside of business hours — to make calls at the company's expense.

This has in the past been exploited for uses such as routing calls made on cheap international phone cards, according to Pure Hacking senior security consultant Chris Gatford.

However, police said they were more concerned with the increasing number of occurrences such as that in Perth where the thieves gained access to users' VoIP network. They have issued a warning to small businesses to ramp up their VoIP security.

"Business operators should invest in appropriate security software to protect their communication systems. Most businesses are prepared to install firewalls on their computers but fail to extend that level of security to their phone systems," detective sergeant Jamie McDonald said in a statement.

Pure Hacking's Gatford said that he saw fraudsters exploiting weak VoIP passwords as more of a threat than the older style targeting of PBX systems. "From a fraud perspective, an ISP-based VoIP gateway with a weak user name and password would be the bigger problem going forward in telephony," he said.

VoIP systems from companies such as Alcatel-Lucent, Cisco and Avaya were quite good, Pure Hacking's Gatford said, but were unlikely to be found in very small businesses due to the cost.

To prevent businesses landing in the same VoIP quagmire as the Perth company, Gatford suggested that businesses create strong passwords and change them regularly. He also said that businesses with "road warriors" needed to be aware of the wireless or hotel networks they were conducting their business from.

• Related stories

• Alerts

Add your opinion

VoiP Hackers Anonymous -- 21/01/09

What always interests me in these incidents is that there are two groups who profit out of this type of fraud, the hackers/ fraudsters and the service providers.

How come service providers get money , are able to profit from the fraud............ they haven't lost any goods other than some electricity and possibly some connection fees but they do always make money from fraud !

• Reply to comment
• Reply to story
• Report offensive content

VoIP Hackers Anonymous -- 21/01/09 (in reply to #320121366)

You would expect that the people who foot the bill are the insurance companies, who I'm sure really wouldn't have a problem finding the cash.

I don't see why the service provider should have to waive the charges when they have actually provided the service - irrespective of how legitimate the user was!

• Reply to comment
• Report offensive content

Firewalls are useless. Anonymous -- 21/01/09

There is no meaningful deep packet inspection of VOIP traffic packets available.

Some vendors claim to have "voip aware" firewalls but they are a waste of money.

Anyway, this seems to be a case of a "hacker" merely running brute force attacks against a username/password combo.

Whoever put the VOIP system in probably left the defaults in place.

Typical amateurs !

• Reply to comment
• Reply to story
• Report offensive content

Safeguard against VoIP hackers Patrick lloyd, Product Manager Voice, Macquarie Telecom -- 22/01/09

Business can generally avoid this kind of illegal activity by securing their PABX equipment as well as having management tools that alert users when unusual call behaviour occurs.

For example; you can program them to email or SMS you if calls are made to a particular country or hit a certain call duration.

Following on from other comments here, it's very secure as long as you have professional people setting it up and implementing a proper security policy around calls.

• Reply to comment
• Reply to story
• Report offensive content

VoIP Hackers Anonymous -- 22/01/09

I am not sure that all users are conversant with PABX vulnerabilities both internal and external.

Whilst I am no expert a point of access to a Telephon system that can be overlooked is a PABX's inbuilt modem [external support]. If you know that number you can become the all powerful genie.

Good management practice requires PABX systems that are supported with software that provides management with real time exception reporting.

Otherwise you pay's your money and takes your chances.....

• Reply to comment
• Reply to story
• Report offensive content

You are looking at the wrong vector here Joe ODonnell of SecureLogix Corporation -- 27/01/09

Dial through fraud is very preventable. In most cases I have seen it is not the line side VOIP vector that gets passwords, opens hole into the router/PBX/Gateway then dials out over outbound trunks....it's the trunkside.....your PSTN edge that is the access vector. (via modems, DTMF altering, DISA code entry etc). Sometimes it is accessing the gateway due to poor implimentation but the cost in incurred by the PSTN dialout. (Which exists even when you move to IP Tel) You need an inline Policy based Trunkside Firewall and IPS which carriers and PBX vendors DO NOT provide. It is the forgotten edge so to speak. Yet every enterprise has one facing the un-trusted public voice network. With a Voice FW/IPS you can look at call types and attributes on the inbound and outbound call legs. And by combining the 2 (in and out) one can profile and mitigate/enforce the behavior in a very granular fashion. The cost is derived from the long distance egress that is incurred via their PRI, Analog, SS7 trunks. Not the VOIP line side handsets. There is a solution to this very old problem. The packet only security vendors do NOT address this which is a shame.

• Reply to comment
• Reply to story
• Report offensive content

VOIP for funa nd prodit Anonymous -- 16/02/09

1. Setup a per-per-minute phone service in some offshore haven
2. Hack someone elses VOIP system to dial the system on every possible outbound line and leave hte conenction open.. overnight... over the weekend
3. Profit!

Hopefully the 'victims' of this are clueful enough to analyse the DESTINATION of those calls

• Reply to comment
• Reply to story
• Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials