Large phone bills are piling up

Jan 22, 2009 08:47 GMT

The media in Western Australia is reporting that hackers are compromising the Internet phone systems of various local companies and abusing the forwarding function to make phone calls to other countries. The WA police announced that they had received multiple complaints from various businesses regarding such intrusions.

The Western Australian gives the example of a company whose VoIP (Voice over Internet Protocol) system was used by unknown hackers, who had obtained unauthorized access, to make a staggering 11,000 international phone calls in just 46 hours. The company's representatives learned about the intrusion when their provider served them with a phone bill of over AU$120,000 ($79,000).

Local police officials warn that unpatched vulnerabilities in older PBX platforms are the likely attack vectors, and advise all companies to audit the security of their communication systems. “Most businesses are prepared to install firewalls on their computers, but fail to extend that level of security to their phone systems,” Det-Sgt Jamie McDonald explained.

Phone hacking, also known as phone freaking or phreaking, can prove more costly to organizations than other, more common types of computer security breaches. We recently reported the case of a Canadian IT business that suffered a similar attack. The company was left with a $43,000 bill after a hacker compromised its voicemail system and made hundreds of calls to Bulgaria.

Fortunately, the firm's owner was alerted by a strange “feature 36” message that repeatedly appeared on the display of their phones, and called the phone provider himself. The businessman maintained that the telecom companies should have monitoring systems in place to alert them of unusual activity from their customers. He explained that his normal bill was around $500 a month, and that his provider should have checked with him when it went well beyond a certain sum of money.

Companies should be advised that hackers don't necessarily keep information about compromised systems to themselves. Many of them sell access credentials on the underground market, so in many cases there might not be a single individual abusing a system, but several. This is also the most likely explanation as to how 11,000 international phone calls were made from the Australian company's PBX platform in only 2 days.

In addition, cyber-criminals use compromised telephone systems to launch phishing attacks. Such attacks, also known as vishing, involve automated dialing and messages, and can result in hundreds of phone calls per hour. The FBI Internet Crime Complaint Center (IC3) issued an alert back in December about a rise in vishing attacks using unpatched and compromised PBX systems.