Background

An increasing number of enterprises are appreciating the advantages of VoIP communications, including unified communications, greatly reduced long distance charges, optimal use of network resources etc. However, increasing VoIP use has opened the door for hackers to turn toll fraud into a huge problem. With high levels of sophistication in the attacks, toll fraud is a big industry and can cost companies thousands of dollars year on year.

Toll fraud can lead to companies paying over 80 times their regular phone bill, and occurs by hackers gaining access to the IP-PBX and utilizing it for outbound calls sold as minutes to customers-with the enterprise footing the bill. Other abuse involves penetrating the IP-PBX to learn more about the network, with the aim of hacking into the enterprise’s data network for the purpose of espionage or other types of industrial damage. A few hours of unauthorized access can easily cost your company more than the price of the entire phone system – many times over.

Prevention

It is vital to protect your VoIP Network from Cyber Attack. Xorcom IP PBX offers protection to your business. The CompletePBX ranges such as the Xorcom CXR3000 and CXE2000, can keep your communications network safe against all these types of cyber-attack. CompletePBX is a business-grade VoIP telephony system that is based on an open source platform. CompletePBX features varying hardware configurations that are optimized to support the communications requirements of businesses from 30 to 1500 users.

Advantages of CompletePBX from Xorcom include:

  • Web-based interface for easy implementation and management

  • Enterprise-class communication features, unified communication options and basic

  • Call center functionality are standard, with no per user license fees

  • Modular support for PRI, BRI, FXO and FXS telephony interfaces

  • Interoperability with SIP standard endpoints, including flexible tool for adding new vendors/models

  • Built-in mechanisms to regulate access for heightened security

  • Hospitality-ready integrated solution that interfaces with leading property management systems (PMS)

  • Open application programmable interface enabling easy integration of third party products

Who is responsible for securing telephone systems?

Cyber-attack reports show up in the media on a regular basis. For example, as reported in a recent New York Times article, an architecture firm in Georgia is now answerable for $166,000 in calls made in a single weekend after a premium-rate service-fraud attack. The company’s law firm filed a complaint with the United States Federal Communications Commission (FCC) but the lawyer on the case noted “There are a number of ancient FCC decisions dating back to the early 1990s that say that if a customer has fraudulent calls, the customer is 100 percent liable.”

However, fraud negatively affects telco carriers as well as their customers. The losses increase the communications carriers’ operating costs and damage their reputation. Several countries already have new regulatory requirements in place which put at least partial responsibility for toll fraud on the telco carrier.

Called to investigate a recent breach to a hosted PBX service, Xorcom CTO Leonid Fainshtein confirmed the attack occurred when a hacker entered a portal back-door, erroneously left open by the company’s telecommunications carrier. The news reached the company only when they received their monthly invoice, with charges of over eighty times their usual bill. According to the CEO, their main service provider had not only neglected to notify the company of strange goings-on with their system, but they also passed the buck onto a subcarrier, and it is still unclear onto whom the responsibility falls to keep the company’s network safe.

Share this story with your friends or work colleagues. If you want to stay up to date with our latest products, industry news and offers you can sign up to our monthly newsletters, keep up to date with us on Facebook or follow us on twitter @VoIPon.