Security Center

Explanations of the different types of UC threats

• Download the PDF

Whitepapers

• Why Next Generation Firewalls are not sufficient to protect your Unified Communications & Collaborations, IP Voice and Video Networks
  

  NextGen Firewall has been designed to identify and control applications running on enterprise networks regardless of what ports and/or protocols they use.
  Even if efficient for standard applications, it is still a data flow control component not designed to handle real-time Unified Communication and Collaboration flows.
  

• Unified Communications Threat Management: Redefining security for UC &C, IP Voice and Video networks
  

  Unified Communication Threat Management (UCTM) appliances are new product category. They are a highly specialized solution designed to provide complete protection, visibility and control for voice-, video,and multimedia-over-IP traffic.
  

• Secure Communications and Collaborations: What you need to know to protect your UC&C, IP Voice and Video network
  

  This white paper attempts to narrowly focus on the numerous threat vectors that plague these applications ranging from Voice Denial-of-Service (VDOS) attacks, SPAM over Internet Telephony (SPIT) attacks, eavesdropping, spoofing, number harvesting, protocol anomaly or fuzzing attacks, signal and media manipulation attacks and toll fraud. The paper presents shortcomings in existing security solutions and presents the requirements for comprehensive requirements for securing Unified Communications & Collaborations, IP Voice and Video networks, systems and applications.
  

• Please contact us at info@redshiftnetworks.com and we will send the White Papers within 24 hours.

UC Security Resource

• CondorLabs

3 new UC & Collaboration Security Standard’s Documents by DISA, NIST and NSA

August 5, 2010 - The Defense Information Services Agency (DISA) Voice and Video over IP (VVoIP) Security Technical Implementation Guide STIG

August 5, 2010 - National Security Agency (NSA) Security Guidance for Deploying IP Telephony Systems

August 5, 2010 - National Institute of Sandards and Technology (NIST) Special Publication (SP) 800-58

Recent Attacks

2011

July 7, 2011 - Kevin Mitnick shows how easy it is to hack a phone

July 7, 2011 - The Phone Hacking scandal has finally hit Rupert Murdoch's news paper really hard - forced to shut down and bring the legacy to an end.

May 19, 2011 - Hudson County, New Jersey Man Pleads Guilty to $4.4 Million VoIP Fraud Scheme

May 17, 2011 - Cisco backs presentation on VoIP hacking techniques

April 27, 2011 - Multiple Vulnerabilities in Cisco Unified Communications Manager

April 14, 2011 - WA businesses hit in VoIP phone hacking attack

March 28, 2011 - Worms, VoIP attacks are main threats to internet in Poland

March 11, 2011 - VoIP Security - Simulated Hacker Attack

March 9, 2011 - Botnets, cloud computing power may be fueling attacks against VoIP

January 22, 2011 - United Kingdom's Media Chief in British Government, resigns over Phone Hacking Scandal on MP's, Royals and Celebrities

2010

December 29, 2010 - Attacks on GSM networks in Holland

December 14, 2010 - 11 Million Euros loss in worldwide calling sophisticated Toll Fraud attacks in Rumania - Gang arrested

November 14, 2010 - FBI warns of Voice Phishing Scams during Holidays

November 4, 2010 - Phone scam could cost Flintshire charity thousands of pounds

October 29, 2010 - Security Manager's Journal: Slammed with a $100,000 phone bill

October 21, 2010 - Pentagon seeks tight ties with cyber contractors

October 13, 2010 - The Sun: Cyber menace attacking Britain

October 12, 2010 - Iain Lobban, Director of the UK Government Communications Headquarters (GCHQ) urged greater awareness of the threats posed by cyber attacks in a speech at the IISS in London

October 5, 2010 - Voice Phishing: System to Trace Telephone Call Paths Across Multiple Networks Developed

September 27, 2010 - Zeus banking Trojan targets mobile phones too

September 24, 2010 - Extradited VoIP hacker sentenced to 10 years

September 16, 2010 - NBA star Shaquille O'Neal accused of hacking

September 7, 2010 - MPs launch a new inquiry into mobile phone hacking

September 1, 2010 - Tabloid Hack Attack on Royals, and Beyond

July 14, 2010 - New Denial of Service Vulnerability on Cisco Unified Communications Manager

June 21, 2010 - Small and Medium Size Businesses are being targeted by DOS attacks warns the FBI

April 12, 2010 - Amazon EC2 SIP Brute Force Attacks on Rise

March 25, 2010 - Multiple Cisco SIP Denial of Service Vulnerabilities

February 22, 2010 - Moscow Hacker Compromises Video Billboard – Displays Porn

February 6, 2010 - WSJ Article : The Rise of Caller ID Spoofing

February 1, 2010 - Hackers crack cell phone encryption

January, 2010 - Two well-known VOIP attacks

2009

December 17, 2009 - Predator Drones Hacked (Video Feeds)

December 11, 2009 - Amazon EC2 cloud service hit by botnet

December, 2009 - Encryption of most mobile phones cracked

November 24, 2009 - VOIP Fraud

October 23, 2009 - Polycom VOIP Handsets Vulnerable

October 20, 2009 - Google Voice Mail Exposed – USA

October 16, 2009 - VOIP Hacker in Court – Stole $1M

August 28, 2009 - Skype Trojan Detected

August 5, 2009 - Phone Phishing Ploys

July 6, 2009 - Video ActiveX Flaw

June 15, 2009 - 3 Charged with Hijacking Phone System

March 3, 2009 - Youtube users fall victim to Malware

January 25, 2009 - Toll Fraud Attack - Australia

January 8, 2009 - SIP/H323 Scan attacks – Norway

2008

December 23, 2008 - Toll Fraud attack - Canada

December 9, 2008 - Terrorists use VOIP Phones - Mumbai

December 8, 2008 - FBI Warning Asterisk Attacks – USA

October, 2008 - H323 Attack – Germany

October, 2008 - Toll Fraud - Attacks in Malaysia & Bulgaria

January, 2008 - FBI warns Voice Phishing attacks - USA

January 17, 2008 - Vishing Attacks Increase - Internet Crime Complaint Center (IC3)

January 17, 2008 - Sercurity Alert by Axis Bank - Vishing / Phishing

2007

July, 2007 - SPIT Attack Columbia University - USA

April, 2008 - Eavesdropping attacks - Italy

March, 2007 - Lots Toll Fraud (VoIP Phreaking) attacksUSA & Panama

January, 2007 - 2 Voice Phishing Attack at Banks - USA

2006

April, 2006 - NASA's VOIP Network Shuts down - Misconfiguration

March, 2006 - Toll Fraud Attack - USA

VOIP Phreaking or Toll Fraud Attack (Mutiple Attacks)

• October, 2008 - Korean Telecom Provider – Losing several millions monthly to Toll Fraud
• June, 2007 - Panamanian Telco – Lost $100K to VOIP Toll Fraud
• June, 2007 - New York Service Provider – Lost $10M to VOIP Toll Fraud
• March 2006 - VOIP Carriers lost $1M and attacker arrested – Miami, Florida

FBI has 100’s of Backlogs of Attacks (From a person who works with the FBI)
Carriers and Enterprises lose $40B to Toll Fraud each year in the TDM space. Many carriers that we have talked to, such as Carrier - Colombia, Korean Telecom Provider and many others are getting tons of VOIP attacks.

Phishing Attack

• October, 2006 - Bank in Southern California
• April, 2006 - New York Regional Bank

SPIT Attacks – On-going and occurring today at many major enterprises

• March, 2006 - Silicon Valley Technology Company, CA

Voicemail Spoofing

• June, 2006 - Celebrity Voicemail attack
• January, 2006 - T-Mobile Customers

Mis-configuration Issues

• December, 2006 - NTT Network Down for 11 hours
• April, 2006 - NASA – Both Data and Voice Networks was down for 24 hours

Data Viruses brings down VOIP / IP Telephony Network

• January, 2006 - West Coast Utility Company

LIST OF VOIP VULNERABILITIES – 100’s of Vulnerabilities
RedShift has identified hundreds of vulnerabilities in IP Telephony and Unified Communication Servers, applications and IP Phones for major and minor vendors. These are well-known vulnerabilities.

LIST OF ATTACKS – 10’s of thousands of Attack Vectors
RedShift has also compiled a list of thousands of attack vectors on VOIP / IP Telephony and Unified Communication Applications based protocol fuzzing, protocol anomalies, and other general mechanisms.

Examples

• Voice DOS
• Eavesdropping
• Number Harvesting
• VOIP Interception / Modification
• Call Pattern Tracking
• Collaboration Hijacking
• SIP Flood
• VOIP MITM Attack
• Illegal Session Teardown
• Illegal Impersonation
• Illegal Call Forwarding
• Illegal Media Injection
• And 100’s more.

Sources – NIST, CERT, Verizon Labs, Open Source Vulnerability Database, UK National Infrastructure Center etc.