How Safe is Your VoIP Network?

Police in Australia are investigating a case of IP telephony fraud that may cost three Perth businesses a total of $70,000. VoIP attacks "usually occur over weekends in order to maximize the amount of time the breaches will go unnoticed," explains Police Sergeant Graham Clifford. "By the time the business owners return to the office on Monday or after a long weekend, the damage has already been done." Unfortunately for the business owners in Perth, their companies had "extremely vulnerable" VoIP networks that used only the "most basic security," including factory-default access codes and passwords.

Criminals who wage VoIP attacks like the one in Australia operate internationally and target those business phone systems that are most vulnerable. Over the course of a weekend, they may place thousands of calls to numbers they own, thus making a tidy profit. According to Richard Stephens, a managing partner at Neural Networks who has fended off VoIP attacks, stopping the bad guys begins with enforcing passwords and prefixes that aren't easy to guess. Stephens also recommends defensive tactics such as limiting the number of calls that can be made, blocking phone calls to countries that aren't normally contacted, and developing intelligent systems to detect anomalous behavior.

What else should you do to protect your VoIP network?

Source: ZDNet Australia