This week I attended the Telecomms Convergence event in Manchester. It is a relatively small event, but interesting to see the various Voice Over IP (VOIP) systems being offered. CISCO have recently launched the UC300 system which is a full feature phone system on a box no bigger than a small cereal box, which supports up to 24 users, for sub £1,000. Also the amount of interest shown in hosted system offerings. However, there is an area that needs your attending.
One of the most interesting conversations I had was with a company called Sipera, who specialise in telephony security. Now a few years ago, if you had been asked how secure is your phone system you would have probably looked to see it was bolted to the wall, or the room it was in was locked. Nowadays the question is more about securing your system against being hacked.
I have read a few articles in the past couple of months talking about systems being hacked and just last month I was talking to a company who had their system hacked and had £10,000 of calls to Africa put through their system. So this threat is very real. I was interested to talk to Darren Newman of Sipera to understand how prevalent this was and how it can happen.
There are a number of threats, the example above is known as toll forwarding. This is where your system is hacked to allow people to route calls to your system, then forward on the call normally to a premium rate number in another country. By all accounts, any non-secured system can be accessed for this hack very quickly and easily. I understand that certain systems have well known standard admin passwords which often do not get changed on installation that make life even easier for the hackers. Remember the early days in IT when the server Administrator password was “Password” – you have changed that, right?
Older non VOIP systems are apparently not immune from certain types of attack either.
So my word of warning is that hacking of pretty much any type of phone system is a possibility, it is costing businesses money. You can also suffer from identity theft from phone hacking; consider what you provide via your phone when you are asked to enter your credit card details by keying the numbers on your phone for example. You need to think firewall around your phone system in the same way you think of it around your IT systems.
Speak to your phone supplier today.