Tag Archives: Security

Philippine Phone Phreakers Arrested After Funding Terrorists


One of the big news items in telecom security this past week was the arrest in Manila of 4 men accused of defrauding AT&T of almost $2 million USD and then using those funds to finance a terrorist organization. The Philippine National Police issued a statement (annoyingly you have to scroll down to the “November 24, 2011” entry) that explained the terrorist link:

Sosa said that Kwan and the other hackers in Manila were being used by the Zamir’s terrorists group to hack the trunk-line (PBX) of different telecommunication companies including the AT&T. Revenues derived from the hacking activities of the Filipino-based hackers were diverted to the account of the terrorists, who paid the Filipino hackers on a commission basis via local banks.

The joint operation between the Philippine Criminal Investigation and Detection Group (CIDG) and the US FBI is per the statement a result of a long-standing effort within the FBI to combat this kind of fraud.

It’s not clear yet exactly how the fraud was perpetrated and whether or not there was any “VoIP” involved. Ars Technica, in a lengthy piece, “How Filipino phreakers turned PBX systems into cash machines for terrorists, indicates that the attackers used traditional attacks against PBXs to compromise voicemail systems that allow outbound calling (DISA) and then passed that list of compromised PBXs along to others who sold this access as a way to cheaply call into premium rate services (similar to 900-numbers in the US).

There’s also a note in the Ars Technica article that the attackers used good old default passwords to get into many of these PBXs. 🙁 Assuming the prosecutions move forward we will hopefully learn more as the cases go to trial.

Regardless of the precise mechanism, it’s a great reminder that people need to check the traditional security mechanisms of their PBX systems, and REMOVE/CHANGE default passwords!

If you are interested in discussing this case, it will be the topic of today’s (Dec 2, 2011) Voip Users Conference (VUC) call at 12 noon US Eastern. All are welcome to join – or to listen to the conversation later once the recording is posted.

Speaking at SIPNOC on SIP Security – What Would You Like Me to Say To Service Providers?

Sipnoc2011 1Tomorrow I will be in Herndon, Virginia, outside of Washington, DC, at “SIPNOC: The SIP Network Operators Conference“. I will be speaking in two sessions (details here), one of which is a panel about “SIP Adoption and Network Security” and will include two other panelists from Acme Packet and Sipera Systems.

The panel discussion is planned to be about what are the primary security issues related to wider deployment of SIP at the network operator / service provider level, and what can we do about them. The discussion will be in a room full of people from various large operators / service providers.

I have my list of topics I intend to raise, but I’m curious about what you all might say… if you were to stand up in front of a room of network operators to talk about how they could improve the security of their SIP networks… or what the major issues are that you see… what would you say?

If you have thoughts, please do leave them as comments here. As I am on the panel representing VOIPSA, I’m certainly glad to incorporate comments from the wider community.

P.S. If you are at SIPNOC this week, please do say hello!

Tekelec Blog – DNS and SIP: Threats and Protection

Over on the Tekelec blog today, Dorgham Sisalem writes on “DNS and SIP: Threats and Protection“, an area of discussion that, quite frankly, hasn’t really received much attention. DNS plays a vital role in VoIP and unified communications, and so the security around DNS and SIP definitely deserves consideration. The post is not too long, so rather than summarize, I’ll just point you over there


Dark Clouds: Can you trust the Cloud? Panel on Feb 4th at Cloud Communications Summit in Miami

CloudCommunicationsSummit __ Agenda.jpgCan you trust “the cloud” to be there for communications? What about latency issues? availability? What should you be most concerned about?

Those are issues that I (Dan York) will be discussing on a panel on Friday, Feb 4, 2011, at the Cloud Communications Summit in South Beach, Miami. The abstract is:

There’s a general consensus that Cloud Communications improves the bottom line while reducing both financial and technology risks. What about from a security perspective? This session identifies the differences between premise based and cloud based offerings from a security perspective, and provides the audience with a checklist of what to worry about as they move into the cloud. This session is appropriate for both business and technologists.

I’ll be on the panel along with folks from Rackspace, Pac-West and Path Solutions and the whole session will be moderated by analyst Dave Michels. It should be a fun discussion… if you are down in Miami, do come and join us!

WikiLeaks as a Preview of All-Out Cyberwar, Part 2 – The Escalation

Updating twothree points from my post last week, WikiLeaks as a Preview of All-Out Cyberwar. I wrote:

On the opposite site, you have the WikiLeaks organization itself moving its content to various places and among various providers… desperately seeking a way to keep itself online. But even more you have supporters of WikiLeaks downloading all the content and popping up mirror sites all over the place, trying to keep the organization’s content out there. The distributed and decentralized nature of the Internet allows easily for this type of content propagation.

Through the WikiLeaks Twitter page, they have been reporting the growth in mirror sites, most recently 507 mirrors. (Note the reported checkbox for new mirror sites.) Which, of course, provides a nice hit list to those who want to shut it down…

And every new site or domain name that pops up with WikiLeaks content becomes yet another target for those wishing to knock the organization offline.

… such as the report today that the WikiLeaks servers in Sweden are under attack.

And undoubtedly there are supporters of WikiLeaks out there who are trying to counter-attack the attackers.

UPDATE, 2 hours later: I noticed this in a NY Times piece yesterday: The collective Anonymous, an informal but notorious group of hackers and activists, also declared war on Sunday against enemies of Mr. Assange, calling on supporters to attack sites companies that do not support WikiLeaks and to spread the leaked material online.

As I wrote last week:

I think it will get uglier before it’s all over.

Indeed, TechCrunch wonders how long the @wikileaks Twitter account will stay around

Want to learn about voice biometrics? Attend Voice Biometrics Conf – May 4-5, 2010 – NY City area

voicebiocon2010.jpgWant to learn about how voice biometrics are being used today in real deployments? Want to learn what advances have been made in the technology? Want to find out how people are using it for voice authentication, identification and more?

If so, consider attending the Voice Biometrics Conference taking place next week, May 4th and 5th, in the New York City area. It’s got a packed agenda and a great list of speakers who really represent the leading edge of what people are doing with voice biometrics. (And yes, I’m one of the speakers and yes, my employer Voxeo is one of the sponsors of the event.)

The organizers of the event, Opus Research, have also really tried to focus the event on showing real-world examples of biometrics deployments. Here is a message that organizer Dan Miller sent out yesterday:

The conference agenda is now packed with use cases across many applications, verticals and government functions. Here’s the list from today’s e-mail:

T-Mobile – Deutsche Telekom’s T-Mobile is developing fast authentication to focus on building a better customer experience.

Bell Canada – The largest customer-facing deployment of voice verification with more than two million customers enrolled.

Bank Leumi (Israel) – Will present how it successfully deployed multiple applications for voice-based user authentication for customers and employees.

I DRIVE SAFELY – Hear how the company implemented a voice-based solution for enrolling students in its online drivers’ education program.

Atos Origin – IT services provider Atos Origin incorporates voice authentication into its “Help Desk” and holds promise for multiple applications inside enterprises around the world.

Centrelink – Australian social services agency who deployed a speaker verification system to authenticate access to welfare services.

Federal Government of Mexico – Learn how the federal government of Mexico has implemented a speaker identification program for use in law enforcement.

If you’re looking for a way to network with the people who have lessons to share regarding strategic, tactical, technical, organizational or even social issues that arise as they specify solutions, analyze vendors, define their projects and carry out their plans, attending Voice Biometrics 2010 will be rewarding.

If you can get to the New York area, do check out the event… registration information can be found on the event page. And if you are attending… I’ll see you there!

If you found this post interesting or helpful, please consider either subscribing via RSS or following VOIPSA on Twitter.

“SIP Trunking And Security” workshop coming up at ITEXPO on February 3, 2009

ITEXPO-East-logo-2.jpgIf you will be in Miami at ITEXPO February 2-4 you are welcome to attend a free “SIP Trunking And Security” session I (Dan York) will be doing as part of Ingate Systems’ SIP Trunking Workshops. The SIP trunking workshops are free to all attendees even if you only register for an exhibit pass.

My session will be 11:15-12:30 on Wednesday, February 3rd, and if you do attend please feel free to come up and introduce yourself (or drop me a note in advance to let me know to look out for you). I’ll be bringing my recording gear, too, and the talk will eventually go out in my Blue Box Podcast feed so you will be able to hear it later.

P.S. If you are attending ITEXPO and your company makes a product or provides a service related to VoIP security, please feel free to let me know and perhaps we can schedule an interview to go out as a Blue Box Special Edition.

Technorati Tags:
, , , , , , , ,