SAN ANTONIO--(SecureLogix, a Voice and Unified Communications (UC) Security company, today unveiled a new report measuring the occurrence and severity of new threats facing today’s corporate voice and UC networks. According to SecureLogix, U.S. corporations and their customers are now highly vulnerable to fraud schemes and identity theft via sophisticated attacks such as Telephony Denial of Service (TDoS), Fraud/Social Engineering, and Malicious/Harassing Calls.)--
“One reason we’re seeing an increase in voice attacks and schemes is the adoption of Voice-over-Internet Protocol (VoIP)”
The SecureLogix “2013 Voice/UC State of Security Report” offers the first-ever glimpse into threats facing corporate voice networks, drawn from real-world data and documented attacks against U.S. corporations over a 10-year period. Previous attempts to characterize these threats have been limited in scope and largely based on threat glossaries, opinion-based surveys, or hypothetical vulnerability tests conducted in closed, laboratory environments.
“While experts have mainly focused on security risks impacting traditional data networks, few attempts have been made to measure attacks targeting voice/UC applications and environments,” said Rod Wallace, SecureLogix vice president of services. “This report is not an academic, theoretical exercise, but rather a clear view into actual criminal activities and threats. The bottom line – if you transact with a utility, bank, investment firm, retail establishment or any other business that hasn’t made attempts to secure their voice network, you’re in real danger of having financial accounts and private information compromised.”
The SecureLogix report is based solely on information pulled from live, operational voice networks, and characterizes attacks and threats by their specific type, incidence level, and severity of damage and impact on U.S. corporations and their customers. Data is pulled from engagements across more than 120 corporate operational voice networks, including a number of Fortune 100, Fortune 50 and Fortune 10 companies. Nearly every industry is represented, with a concentration on banking/finance, healthcare, retail, utility, and government.
Among key findings is the significant migration of Denial of Service (DoS) attacks from Internet/data to voice networks, especially in contact center environments. With TDoS, call floods generated by computers can disrupt communication services inside customer-facing contact centers, or be used as part of sophisticated financial fraud attacks and call/traffic pumping schemes. 2012 was also marked by the rapid rise of “Social Networking TDoS,” as Facebook, Twitter, and other social networking vehicles are used in Occupy-style tactics to organize TDoS attacks against corporations and public entities with the express intent of shutting down operations. Additional report findings highlight substantial increases in Social Engineering and Identity Theft schemes over voice lines, a massive jump in the observed volume of Harassing Calls, and the continued presence and growth of Toll Fraud/Long Distance Theft and other forms of voice network attacks.
“One reason we’re seeing an increase in voice attacks and schemes is the adoption of Voice-over-Internet Protocol (VoIP),” said Mark Collier, SecureLogix CTO and vice president of engineering. “Free IP-PBX software such as Asterisk/Tribox, computer-based call generation tools, and easy-to-access SIP services greatly lower the barrier-to-entry for voice network attackers. Call generation is set up quickly and used to generate harassing calls, TDoS, voice phishing and SPAM -- and for brute-force probe attacks into call center IVRs for account information used for social engineering.”
To view a full copy of the report, please visit www.securelogix.com/sos.
SecureLogix, a Gartner designated “Cool Vendor,” is the leader in enterprise voice/UC policy enforcement and ROI intelligence. SecureLogix 7th generation solutions enable customers to save money through securing and optimizing IP Telephony and legacy voice networks, allowing cost efficient and confident migration to SIP Trunking and Unified Communications. SecureLogix solutions are currently protecting and managing over four-and-a-half million enterprise phone lines. For more information, visit SecureLogix on the Web at www.securelogix.com and www.voipsecurityblog.com.
Reader Contact Information
© Copyright 2013 SecureLogix Corporation. All Rights Reserved. ETM, TeleWatch Secure, TWSA, We See Your Voice, SecureLogix, SecureLogix Corporation, the SecureLogix Emblem and the SecureLogix Diamond Emblem are trademarks and/or service marks or registered trademarks and/or service marks of SecureLogix Corporation in the U.S.A. and other countries. All other trademarks mentioned herein are believed to be trademarks of their respective owners.
SecureLogix technologies are protected by one or more of the following patents:
|US 6,226,372 B1||US 6,249,575 B1||US 6,320,948 B1||US 6,687,353 B1|
|US 6,718,024 B1||US 6,760,420 B2||US 6,760,421 B2||US 6,879,671 B1|
|US 7,133,511 B2||US 7,231,027 B2||US 7,440,558 B2||US 8,150,013 B2|
|CA 2,354,149||DE 1,415,459 B1||FR 1,415,459 B1||GB 1,415,459 B1|