IP telephone systems are increasingly targeted by attackers. Munich, April 12, 2011, except to hurt the company with denial-of-service attacks, spy secrets with man-in-the-middle attacks or to inflict financial damage due to abuse attacks. Attacks are especially popular on weekends, since they are aware of late. So that Easter does not become a nasty surprise, the Fraunhofer ESK experts have put together a white paper with safety tips. Administrators with these security measures protect their IP PBX from abuse, which can easily cost thousands of dollars. Fairly simple wealth for immediate measures to protect telephone equipment. In principle, the same security standards as for the remaining infrastructure apply for IP telephone systems.
We have noticed that many break-in cases caused by errors in the administration of IP telephone systems,”explained Beate Eickhoff, researcher at the Fraunhofer ESK. IP telephone systems are in contrast to traditional Equipment no longer isolated by the infrastructure and therefore exposed to the same hazards. In the white paper, the experts deal with the most common errors in the configuration of the PBX. The abuse cases have risen lately, where the attacker broke in on holidays in plants. A cluster of holidays, we have again at Easter, is particularly interesting for attackers. The abuse is usually only discovered with the next billing. Until then, the attackers have long left the systems and their tracks are well blurred. Because most log files overwritten in a cycle of approximately 10 days, which also forensic investigations are extremely difficult.
An example of abuse attacks is the cash by burglary in connection with expensive service numbers from abroad. First, the invaders set up a temporary paid service phone number abroad. Then, many calls to this number are initiated by the attacked phone system. The attacker collect the money mostly in countries, where a Law enforcement in Germany is difficult. The company remains sitting on the cost. The Fraunhofer ESK has shown common error in the configurations in their white paper and simple, immediately actionable measures together. The white paper below de/publikationen/studien/phonebreaking.html to download ready. = The Fraunhofer research institution for communication systems ESK the Fraunhofer ESK has expertise for wide areas of ICT, by transmission through protocols and systems up to intelligent applications. Adaptive communication systems in their fields of expertise, software methodology and mobile solutions combine the know-how in the application fields automotive, industrial communication and communication solutions is used. contact: Fraunhofer Institute for communication systems Susanne Baumer Corporate Communication phone: + 49 89 547088-353 fax: + 49 89 547088-66353 Dipl.-ing. Beate Eickhoff phone: + 49 89 547088-320