IT Security Guru

Community Led Threat Prevention

by The Gurus
June 29, 2017
in This Week's Gurus

Community based threat detection and prevention has been a fundamental principle in Anti-Virus and Intrusion Detection Systems for years.  Pooling the information and experience of multiple organisations to rapidly identify emerging threats, this collaborative approach enables security companies to quickly create a patch and disseminate it globally to minimise a hacker’s opportunity with that specific attack vector.
This model is now being extended to voice security in a bid to combat the escalating threats, including toll fraud, telephony denial of service and voice mail hacking attacks, leveraging the cloud based Session Border Controller (SBC) and community collaboration to deliver rapid protection against emerging global events.
Paul German, CEO, VoipSec, explains why community led threat detection and prevention is fast becoming a critical component of the VoIP security model.
Stronger Together
Security is not static, and the concept of ‘working together we are stronger’ is well proven. The ability to pool information and experience has proved key in the fight against a continuously evolving threat landscape. The difference today is that the threat landscape increasingly includes voice. With the huge growth in companies adopting Voice over IP (VoIP) and Unified Communications (UC) to drive down costs and improve productivity, the inherent insecurity of standard deployments has driven an explosion in telephony denial of service attacks, voice mail hacking and toll fraud.
According to the Communications Fraud Control Association (CFCA), $4.4 billion has been lost due to PBX hacking, while the US Department of Homeland Security’s Cyber Security Division has recently announced it is funding two research projects designed to harden defenses following recent Telephony Denial of Service (TDoS) attacks on 911 emergency call centres, financial services companies and a host of other critical service providers and essential organisations.
It is becoming increasingly apparent that the frequency of this voice related activity will only increase for as long as voice security models remain outdated and static. Given the growing complexity hackers face in breaking through multi-layered security systems to gain access to personal data, the contrasting ease with which a telephony denial of service attack can be launched on an unsecured or inadequately secured voice network is stark. It is no wonder these incidents are on the rise – and organisations are enduring the devastating consequences.
Cloud based SBCs
Traditional models for protecting the voice network were based on hardware devices – an ‘install once’ Session Border Controller (SBC) that simply could not protect an organisation against continually evolving threats.  More recently, that model has shifted towards software based SBCs that can be upgraded in response to new security risks.  It is, however, the evolution towards cloud based SBC deployments that now enables the adoption of this community led voice security model.
This cloud based SBC deployment facilitates the adoption of community led intelligence on two fronts. Firstly, a community of organisations working together and sharing breach information radically extends the number of touch points into hacking events, transforming understanding and insight into the ways in which hackers are looking to compromise companies. Secondly, each hacking attempt to compromise a specific customer environment creates a fingerprint which can then be used by the security vendor to create a security patch or update that will actively immunise every other user of the cloud based SBC from being compromised with the same attack fingerprint.
This combination of routine product updates with shared intelligence ensures an attack on a single organisation can be quickly transformed into a patch or update that protects every business from the new risk.  
Understanding Threats
This model is particularly effective against the typical security threats now affecting voice networks – telephony denial of service and voicemail hacking. When a hacker compromises a call centre and consumes all lines to prevent any in-bound or out-bound calls, the impact on an organisation’s business is devastating. From the negative customer experience to the multi-million pound demands from hackers to unlock the lines, the business cost of one of these attacks can be very significant.
Each telephony denial of service attack will include specific attributes that will form the fingerprint. Taking a sample of that event – including what services the hacker is trying to access, the number called to or from, the digits being pressed when on the line – will enable the creation of a patch or update that can be shared with all users of the SBC, to ensure no other organisations are exposed to this specific breach attack.
A similar model applies to preventing wide exposure to voicemail hacking, a process that enables hackers to accept and make international collect calls – at huge cost to the compromised business. In addition to specific voicemail protection modules provided as part of a cloud based SBC to identify breach attempts, lock down the voice network and alert the organisation, the SBC will log rogue numbers identified across the cloud based network, rapidly creating a database of blacklisted numbers that can be deployed by all organisations to further protect against voicemail hacking attempts.
Prioritise and Evolve
This community model is particularly effective in highlighting and combatting global attacks.  An organisation operating single site security policies could be unaware that attacks are being launched simultaneously against multiple locations. With a global, cloud based SBC approach, the company will be made immediately aware of the scale of the global attack and therefore able to enforce policies that protect the entire environment against breach.
The ability to prioritise activity is also key. Every threat will be profiled and organisations have the option as to how frequently updates are made.  For example, most will opt to be immediately protected from critical risks, while high or medium risk updates could be made weekly, and low risks just once a month. In addition, the community model supports continual assessment of past threats by using validation techniques to track activity. If a specific fingerprint is not seen again, and the patch is no longer required, it can be removed from the SBC or replaced by a different approach, such as diverting any calls from a previously blocked number to a security desk.
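The fingerprint lifecycle described in the last two sections, as an added sketch (not VoipSec's code or any SBC product's API): a fingerprint taken from one attack call, rolled out to members by severity, and retired when it stops being seen. The field names, the 90-day retirement window and the reading of "weekly" and "monthly" as a maximum delay are assumptions made for this example.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Longest wait before a member applies a signature, by severity (the article's
# cadence: critical at once, high/medium weekly, low monthly).
ROLLOUT_DAYS = {"critical": 0, "high": 7, "medium": 7, "low": 30}
RETIRE_AFTER = timedelta(days=90)  # assumed: retire if unseen this long

@dataclass
class Signature:
    match: dict       # attribute -> value an incoming call must carry
    severity: str
    published: date
    last_seen: date   # refreshed whenever any member reports a hit

def fingerprint(event, fields=("service", "caller", "dtmf")):
    """Keep only the attributes that identify the attack, not the victim."""
    return {f: event[f] for f in fields}

def active_signatures(feed, today):
    """Signatures a member SBC enforces today: rolled out and not retired."""
    return [s for s in feed
            if s.published + timedelta(days=ROLLOUT_DAYS[s.severity]) <= today
            and today - s.last_seen <= RETIRE_AFTER]

def is_blocked(event, signatures):
    return any(all(event.get(k) == v for k, v in s.match.items())
               for s in signatures)

# Constructed sample data (555-01xx numbers are reserved for fiction).
SEEN_AT_ORG_A = {"service": "voicemail", "caller": "+12025550143",
                 "callee": "+12025550100", "dtmf": "*9011"}
FEED = [
    Signature(fingerprint(SEEN_AT_ORG_A), "critical", date(2024, 1, 10), date(2024, 1, 10)),
    Signature({"service": "ivr", "dtmf": "0000"}, "low", date(2024, 1, 10), date(2024, 1, 10)),
    Signature({"caller": "+12025550177"}, "high", date(2023, 6, 1), date(2023, 6, 1)),
]

if __name__ == "__main__":
    today = date(2024, 1, 12)
    live = active_signatures(FEED, today)
    same_attack_at_org_b = dict(SEEN_AT_ORG_A, callee="+12025550199")
    print(len(live), is_blocked(same_attack_at_org_b, live))
```

Dropping the called number from the fingerprint is what lets a signature taken at one organisation match the same attack arriving at another.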
Conclusion
It is this depth of security intelligence that is transformative. With growing consensus that the burden facing organisations attempting to fight security issues individually is simply too high, it is clear that joining a specific community of companies willing to work together is a far more effective approach to locking down a business against new threats affecting voice and UC.
Combining this community led collaboration with the ability to rapidly disseminate patches and updates via a cloud based SBC will enable organisations to lock down the business against escalating VoIP security threats.
