Connect with us

technology

Enterprise PBX Hacking Is Costing Businesses Billions

Published

on

One Technology Vendor Has Launched a Cloud-Based and AI-Driven Approach to Detect and Terminate Fraudulent Calls Before They Skyrocket a Business’s Bill

 

Many years ago, telecommunications networks consisted mostly of physically interconnected devices. Back then, to commit telecoms fraud, a hacker had to physically attack the telecommunications network in order to redirect communications traffic for fraudulent purposes.

Over time, telecommunications networks have become based on IP technologies and today are increasing virtualized. This transition has significantly increased the service for attacks and has turned telecoms fraud into a cybersecurity issue. Session Initiation Protocols (SIP) are becoming increasingly used on telecommunications networks, which offer many integration benefits, although have known vulnerabilities that further expose enterprise PBX devices to telecoms fraud attacks.

Enterprise PBX Hacking

PBX hacking, also known as toll fraud, is one of the most damaging forms of telecoms fraud. The practice involves hacking into enterprise PBX systems and injecting large volumes of fraudulent calls, which end up costing businesses billions of dollars.

SIP trunks have been gradually replacing legacy network infrastructure because they offer telcos significant advantages, including cost savings, easy interoperability and use of the Internet as the communication layer.

Also, with SIP technologies no transition to other protocols is required for voice communications on 4G and 5G networks.

Now, a hacker merely needs to compromise a login ID and password to initiate a fraudulent communication traffic through the PBX device of an enterprise. To the carrier, this looks like a typical call, while the business whose PBX is getting hacked is none the wiser until it receive the bill.

The Communications Fraud Control Association published a 2018 report highlighting that businesses were hit with more than $29 billion in fraudulent charges in 2017.

New Approach Required

Today cybercriminals are highly skilled and using the most advanced technologies to rapidly execute telecoms fraud attacks. To complicate the situation, enterprise PBX systems are installed on-premise or in the Cloud environment of the business. What this means is that protecting enterprise PBX systems beyond the reach of the telecoms fraud protection activities of a telecoms service provider. This has created a situation in which a cybercriminal can carry out a telecoms fraud attack without either the enterprise or telco knowing what has happened.

Antivirus Approach To Telecoms Fraud Prevention

A telecoms technology provider called Oculeus believes it has the answer. “Our approach to preventing telecoms frauds is similar to how an antivirus system works on a PC,” explained Arnd Baranowski, CEO of Oculeus. “We think that in the very near future, all communication access points with a technology like ours will provide protection like an antivirus system to prevent abuse of these access points.”

Oculeus developed its approach to preventing telecoms fraud after it suffering an attack of its own. In just two days, hackers left the company with a $13,000 bill.

Similar to an antivirus program, Oculeus-Protect monitors communications traffic running through a PBX system. To do this, the software takes a baseline of activity on the PBX network and looks for anomalies in the traffic flow. It does this via call location data; it does not monitor call content. The system can then immediately drop suspect traffic or flag it for further analysis.

According to Dan Baker, research director at the Technology Research Institute: ““In TRI’s opinion, Oculeus-Protect delivers a breakthrough that could have a lasting impact on curtailing PBX fraud across the board.”

AI Improving Detection of Telecoms Fraud

The Oculeus-Protect system utilizes AI techniques to constantly improve its ability to fight telecoms fraud. Oculeus-Protect applies AI to both learn new forms of telecoms fraud and reduce the amount of time required to confirm and block fraudulent calls.

“AI is critical for providing rapid responses for fighting new forms of telecoms fraud. We are leveraging AI to constantly improve the accuracy and response times in order to quickly – in the matter of milliseconds – determine if communications traffic is legitimate or fraudulent,” said Baranowski.

Oculeus-Protect is available directly to businesses as a service running from the Cloud. Oculeus is also partnering with telecoms providers to offer a PBX protection service to the enterprise customers of the service provider.

 

Praneet is the CEO and Editor of the website TeckFly.com. He is a blogger and have varoius blog on various topic and he is from India who loves to read and write about Technology, Gadgets and Gaming. If you share the similar interests then you can follow him on Facebook | Google+ | Twitter

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending