Organisations are moving over from legacy telecommunications to Voice over IP (VoIP), enabling greater flexibility, resilience and an overall cost reduction. Session Initiated Protocol (SIP) is considered to be the main VoIP protocol in the business-to-business market, but the correct implementation and configuration is not always wellunderstood. The failure to configure SIP systems correctly has led to significant fraud exploiting a range of vulnerabilities and billions of dollars every year being stolen from companies of all sizes through PBX Hacking via the medium of Toll Fraud. Previous research into this area is now dated but suggested fast-changing approaches by attackers. Industry organisations such as the Communications Fraud Control Association (CFCA) acknowledged this is a fast-growing problem. To quantify the size of the current problem, a Honeypot experiment was undertaken using a popular phone system used by businesses. The Honeypot ran for 10 days and recorded just under 19 million SIP messages. This research has identified attackers are using various sophisticated methods to attempt to gain access and trick a PBX into making calls. When comparing previous research, the rate of attack is approximately 30 times more aggressive and the countries from where attacks originate are distributed over 75 countries.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.