IT Security Guru

The SIP Security Fallacy

by The Gurus
March 9, 2016
in This Week's Gurus

There is no such thing as static security – all security products become vulnerable over time as the threat landscape evolves. Any ‘deploy once, update infrequently or never’ security solution is inherently flawed, which is why every switched-on organisation routinely updates its anti-virus and anti-malware solutions, hardens its infrastructure and updates its policies. So why is SIP security still based upon a one-off implementation of a Session Border Controller (SBC)?
From denial of service attacks to toll fraud, SIP trunking is inherently vulnerable. And in an era of near continuous security breaches, that vulnerability continues to change and escalate. No technology or communications environment is static – and SIP security should be treated with the same urgency as anti-virus and infrastructure hardening.
Paul German, CEO, VoipSec, insists it is time to think differently about SIP security – before it is too late.
The breaches go on
Another day, another security breach. The theft of 15 million T-Mobile customers’ data from credit checking firm Experian, the exposure of the personal data of US-based Uber drivers, the hack of Samsung Pay, the denial of service (DoS) attack on HSBC – all of these events have occurred within very recent history. The scale of hacking and data theft is unprecedented and new attack vectors are continually being found and compromised.
Today’s threat levels are high and, given the constant publicity and public scrutiny, only the most foolhardy organisations would ignore the need to safeguard infrastructure. Yet in what is a continually changing and evolving threat landscape, inconsistencies in security policies and practices are creating new vulnerabilities. Why, for example, are organisations totally committed to continuously updating anti-virus (AV) and anti-malware solutions yet will happily install a Session Border Controller (SBC) to protect VoIP calls and never consider it again?
If there is one thing that every security expert will confirm, it is the continuously changing nature of the threat landscape – and a security product’s ability to safeguard a company declines from day one. In an era of near ubiquitous VoIP calls, when companies are routinely falling prey to toll fraud and denial of service attacks, it is time to ask why network providers and security vendors continue to downplay the vulnerability of SIP.
Static Fallacy
The deploy once, update many times model adopted by AV, web security and email security over the past two decades is well established and organisations recognise the clear vulnerabilities associated with failing to update routinely.  Companies understand the importance of buying not just a security product but a vendor’s continuous research into emerging threats and a commitment not only to routine updates but also emergency patches in response to new hacking vulnerabilities.  In effect, when it comes to a continuously changing security situation, organisations recognise the need to buy products and solutions that utilise research, existing users and community to stay ahead of the hacker.
So why are other aspects of the communications network and infrastructure, including routers and switches, still subject to the static – implement once, update never – approach? Does this mean these areas are impregnable once protected? While some vendors may like to imply this is the case – it is not. Toll fraud and denial of service cost businesses £25.5 billion every year globally – £1.2 billion in the UK alone¹ – and, again, the threats continually evolve. For example, hackers are routinely undertaking port scanning in the hope of finding a way in – any organisation that has left SIP ports open is likely to be found out, and compromised, very quickly.
The scale of attack may surprise UK businesses: security consultancy Nettitude’s recent report revealed that attacks on VoIP servers represented 67% of all attacks it recorded against UK-based services – in contrast, SQL was the second most attacked service, accounting for just 4% of the overall traffic. With 84% of UK businesses considered to be unsafe from hacking according to NEC, the implications are significant and extend far beyond the obvious financial costs of huge phone bills or the increasingly common Telephone Denial of Service threats, also known as ransom events used to extort money.
From eavesdropping sensitive communications with malicious intent such as harassment or extortion to misrepresenting identity, authority, rights and content – such as modifying billing records – or gaining access to private company and customer contacts, hackers are increasingly looking for more than basic call jacking.
Ahead of the Game
The cyber security market is set to be worth $170.21 billion by 2020² – with a strong bias towards securing email, desktops and web services. Yet while the adoption of VoIP is now at record levels, SIP security investment remains low.  When hackers are looking for the easiest way in – this lack of protection is an open invitation.
The reality is that SBCs provide an entry level of security – but, like any other security product, they need to evolve. And that means SBC providers need to be making a continuous investment in security research and providing routine updates in order to deliver a reactive, real-time and intelligent level of security to protect against these new world threats.
Organisations – and providers – need a change of attitude to SIP security.  In a constantly evolving threat landscape no one knows what is coming and the onus is on both vendors and businesses to ensure they are in the best possible position to both safeguard data and protect against expensive toll fraud attacks. The constant change process has become a fundamental aspect of successful security – and that needs to be applied across the board, not just to AV. Static security does not work; it is time for the SIP security industry to face up to its responsibilities and embrace a process of continual update that will truly safeguard organisations tomorrow – not just today.
 
¹ NEC Toll Fraud
² The report “Cyber Security Market by Solution (IAM, Encryption, DLP, Risk and Compliance Management, IDS/IPS, UTM, Firewall, Antivirus/Antimalware, SIEM, Disaster Recovery, DDOS Mitigation, Web Filtering, and Security Services) – Global Forecast to 2020”
 
