Unified Communications: Click to talk:

SecureLogix

Jan 18 2009   5:50AM GMT

Summing Up VoIP Security for 2008



Posted by: Tony Bradley
Mark Collier, SecureLogix, VoIP, Security, toll fraud

A lot happened in 2008. We had what seemed to be a marathon Presidential campaign season capped off with the election of the first African-American to be President of the United States. We had a housing crisis with a mortgage industry in free fall. We had the government bailing out Wall Street banks and investment firms to the tune of $700 Billion with no oversight and no strings attached, while scoffing at bailing out the automobile manufacturing industry for $30 Billion with conditions and a plan to turn things around. We saw 2.6 million Americans lose their jobs. Aside from that part about electing a new President, 2008 didn’t seem to hold much worth smiling about.

Mark Collier, CTO of SecureLogix and co-author of Hacking Exposed-VoIP, found a silver lining though. In his blog, Collier sums up the year in VoIP security for 2008. He notes that, overall, the year was kind of boring. That may not sound like a silver lining, but if the alternative was one of the ‘sky-is-falling’ FUD (fear, uncertainty, and doubt) predictions being realized, then suddenly boring is not so bad. Check out Collier’s blog for more details of the state of VoIP security in 2008 and links to some of the few attacks that were publicly disclosed.

Dec 22 2008   2:50PM GMT

Exploiting VoIP for Toll Fraud



Posted by: Tony Bradley
VoIP, VoIP security, toll fraud, SecureLogix, Hacking Exposed

Toll fraud is nothing new. Pretty much since there have been telephones, or at least enterprise telephone systems, attackers have sought to somehow hijack or piggyback on them in order to place toll phone calls at the expense of the company that owns the phone system. As with many other types of ‘cyber crime’, the crime itself is not new, but technology often makes it easier and faster than the more traditional version of the crime.

Mark Collier, CTO of SecureLogix and co-author of Hacking Exposed: VoIP, noted in a recent blog post what a threat VoIP toll fraud is. Collier points out that, while there may be a variety of ways to attack a VoIP system, toll fraud is one of the few with a clear and direct motive. Collier refers to a white paper detailing a recent toll fraud VoIP breach in Germany, and also alludes to a similar situation here in the United States that resulted in $250,000 of toll fraud theft. You can get more details on these incidents and VoIP toll fraud in general by checking out this post on Collier’s blog.


Oct 30 2008   9:12PM GMT

SecureLogix Brings New Patent to VoIP Security



Posted by: Tony Bradley
Unified Communications, VoIP security, UC, patent, SecureLogix, exploit, threat

SecureLogix, a leader in VoIP (and unified communications) security, was awarded their first patent in 1998 when they introduced the first firewall for voice networks. As VoIP has grown and been embraced by corporations and consumers alike, SecureLogix has continued to innovate and develop new techniques that address evolving communications technologies as well as the threats and attacks designed to exploit those technologies.

This latest patent is their 14th. According to a MarketWatch article, the aspects of the latest patent include sensing and analyzing calls to determine call attributes, and performing security and/or management actions based upon the determined call attributes, including actions in response to attempts to encrypt a call or authenticate remote access, and monitoring of call content for keywords.


Sep 29 2008   3:41AM GMT

Free VoIP Security Tools from SecureLogix



Posted by: Tony Bradley
Security, VoIP security, SecureLogix, free tools, Mark Collier

SecureLogix has released a suite of VoIP security assessment tools that are available as a free download from their web site (SecureLogix.com).  The tools can help analyze the security of your VoIP network and determine whether it is susceptible to attacks such as Denial-of-Service (DoS), Man-in-the-Middle, eavesdropping, call teardown and more.

Pretty much since companies have been making the switch from traditional switched POTS (plain old telephone system) networks to VoIP, SecureLogix has been around to help secure communications. SecureLogix provides tools and services to analyze and protect both traditional and VoIP networks, and they are in the fairly unique position to assure security of both as organizations transition.

Mark Collier, SecureLogix CTO and VP of Engineering, is also known for having been co-author of McGraw-Hill’s Hacking VoIP Exposed, a part of the hugely successful Hacking Exposed series. The book contained some earlier versions of the tools released by SecureLogix. Collier maintains a blog called VoIP Security Blog.


Sep 20 2008   5:13PM GMT

Risk of RTP ‘Monoculture’



Posted by: Tony Bradley
RTP, VoIP security, SecureLogix, Real-Time Transport Protocol, monoculture, VoIPshield, FUD

One of the issues or stumbling blocks facing organizations as they adopt unified communications is the interoperability (or lack thereof) between systems. A company would like to know that the platform they invest in will be able to integrate, or at least cooperate with, disparate platforms being used by vendors, customers, or future merger and acquisition targets.

In the world of VoIP (Voice over IP), there is a more or less agreed upon standard in RTP (Real-Time Transport Protocol). That is great for universal interoperability, but some have suggested that it may also pose a security risk for VoIP networks. The potential ‘monoculture’ of RTP could mean that any successful exploit against the protocol could cripple not one VoIP platform, but all VoIP platforms simultaneously.

I do agree that organizations need to be concerned with VoIP and unified communications security, but I believe that the ‘RTP monoculture’ issue is primarily FUD being used to sell VoIP security solutions from the vendors claiming the sky is falling. The thing is that monoculture is largely a myth. The ‘Microsoft monoculture’ was just anti-Microsoft FUD.

Each organization has different perimeter security, different products and applications inside the network, different security policies and controls across their environments. Yes, they may all use RTP, but everything else about their network and VoIP configuration is unique to each organization. Hopefully, if they have done their homework and put the right kinds of security controls in place, an RTP exploit that impacts one company won’t necessarily impact them.


Jun 3 2008   3:13PM GMT

Nortel Partners With SecureLogix for Voice Security



Posted by: Tony Bradley
Security, Nortel, VoIP, Unified Communications, VAR, UC, SecureLogix, ETM System

Nortel has formed an alliance with SecureLogix to enable Nortel VARs to market and sell the SecureLogix ETM System and other security services in conjunction with Nortel’s new Voice Security Services offering. Adding to the arsenal already available to Nortel VARs, the SecureLogix ETM System provides a powerful voice security and management platform. Nortel customers will be able to optimize their investment in voice technologies, while protecting the voice and data networks from telephony-based attacks and abuses. Unified communications and VoIP are hot technologies that many companies have adopted or are looking at implementing soon, but few have taken the time to understand the security risks or proactively safeguard their unified communications investment. Nortel and SecureLogix are moving in the right direction by recognizing the security concerns and providing products and services to help their customers leverage the benefits of these new technologies securely.