VoIP Gateways Article

Securing VoIP Gateways to Ward off Fraud

January 31, 2017

Economic fraud and cybercrime are on the rise, and consequently, VoIP calling and services are also under increased attack. As more companies adopt VoIP services and solutions due to their benefits and ease of use, new opportunities for fraud and hacking present themselves to malicious individuals.

In South Africa, one of the largest fraud problems for telecom operators is attempts by foreign nationals to use reverse billing for profit. This can occur through a number of methods, including service abuse, through which someone signs up for a VoIP service under an assumed name, runs up a large bill through service consumption, then doesn’t pay.

VoIP gateways can also be all too easily flooded with attempts to register fake off-premises extensions, which then may be used to make calls. Hackers can also request gateways directly call SIP addresses correlating to outside numbers, providing access to the gateway. And voicemail systems offer yet another unsecured entry point into a VoIP phone system, particularly when passwords are left as a default option or a generic password is used and is easy to crack.

Thankfully, there are a number of steps businesses can take to secure their VoIP gateways and protect themselves from fraudulent calling activity and hacking. According to beroNet, a company specializing in VoIP gateways, companies can ensure their gateways are secure by following several recommendations to ensure their VoIP systems are configured as safely and securely as possible.

We already discussed the importance of voicemail passwords, and gateway passwords should follow the same rules. Customers need to generate strong passwords as a first line of protection for their gateways. Another important step is to deactivate the bfdetect feature on a gateway once it has been used. This feature lets customers find and manage their IP settings and should be used once during setup, then deactivated to ensure outsiders can’t gain access.

The HTTPS connection secures online transactions and is equally important in VoIP security. By maintaining an encrypted connection from the VoIP gateway to the LAN, customers can ensure hackers don’t steal credentials during a login attempt. Other important settings changes include ensuring SSH is deactivated when not in use, as it enables another back door for network entry. The default SIP bind port should also be changed from the default setting as an added layer of protection.

Additional important recommendations for protecting a VoIP gateway include placing it behind a firewall, accessible only from the LAN. Port forwarding should also be configured securely and, if general Internet access is granted, then ACL must also be securely configured, preventing everyone but administrators from accessing the gateway.

Fraud is an unfortunate fact of life and there will always be malicious individuals and hackers who exploit weaknesses for profit. By taking the appropriate steps to secure VoIP gateways, businesses can ward off unwanted activity and the expenses and vulnerabilities that come with it.

Article comments powered by Disqus