Security Challenges

We build genuine partnerships with our clients

• Neglected Network Defences
• Inadequate Content Security
• Weak Telecoms Networks
• Wireless Network Worries
• People Problems

Securing the telecoms network is as important as protecting the data network, and Context offers a range of services designed to protect against attacks on telecoms. Unsecured telephone PBX, Interactive Voice Response (IVR) and Automatic Call Distribution (ACD) systems could be exploited by external attackers or internal staff intending to perpetrate toll fraud and the theft and resale of long distance call services; or attackers trying to break into an organisation's networks via a back door.

Attacks have been based on methods including setting up premium phone numbers then initiating calls to that number for financial gain; or accessing and manipulating a switch in the PBX to make unmetered calls. There have also been incidents of criminals hijacking unsecured PBXs to make calls. Voicemail systems may also be targeted, as they can act as a channel through which it may be possible to access confidential information or eavesdrop on calls, and because exploitation of call transfer facilities can allow hijacking of lines for long distance or premium rate calls. Many abuses of telecoms network are initiated by employees or contract staff intending to steal or sell confidential information.

If abuses of an unsecured telecoms network go unchecked they can create operational problems, reducing the technical efficiency of the network, and adversely affecting business and customer interaction. And, of course, they may also cost the organisation a great deal of money.

Our consultants have many years of experience helping organisations to secure telecoms networks. Our two-stage telecoms audit services monitor both inbound and outbound traffic, uncovering unauthorised modem use which, while often set up for perfectly legitimate reasons, can represent serious security risks. For example, support staff or contractors in charge of facilities management for an office building may set up a modem connection under the radar of the IT department in order to remotely control a facilities management server. If this connection is hijacked, it may allow an attacker to access this server and parts of the network linked to it.

For more details of the consultancy and security assessment services we provide in relation to telecoms systems and networks, visit the telecoms and VoIP testing pages.

© Copyright 2012 Context Information Security.

Main Navigation

• Home /
• Our Company /
• Security Solutions /
• Research /
• Media /
• Contact Us