Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
VoIP Privacy April 2007 About BroadSoft • Hosted PBX / IP Centrex • Bus. Trunking • Residential Broadband • Mobile PBX VoIP Application • Voice and Multimedia Software Partner of Choice • Leading IMS Vendors • E.g., Ericsson, Lucent • 5 of top 6 TEMs OEM BroadWorks • Founded in 1998 • Commercially Deployed 5+ years • Profitable Market Leader Most Deployments • 250+ Fixed & Mobile Service Providers • 7 of top 10 (and 13 of the top 25) global carriers 2 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Leading Global Customer Base 7 of top 10 and 13 of top 25 global carriers 3 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute What is VoIP? • Consumer – Voice Over the Internet • Vonage, Skype etc Internet • Business – IP based PBX systems – IP Centrex Systems • Switching occurs in the service provider network IP Network 4 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Significant Global VoIP Subscriber Growth 165 150 135 Subscribers (M) 120 105 90 75 60 45 30 15 0 2005 2006 2007 2008 Source: Ovum & Infonetics, 2006 2009 5 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Current VoIP Privacy Issues • Normal Data Attacks – DoS Attacks on data networks brings down all applications including data – Open source PBX’s have known buffer vulnerabilities • SIP Vulnerabilities – – – – Registration hijacking Message tampering Session tear-down VoIP targeted DoS attack 6 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Current VoIP Privacy Issues • SPIT (Span over Internet Telephony) – Imagine your voice mail being filled up with Viagra adverts? – Huge potential for issues – Not many real world instances • Vishing – Phishing using telephony – VoIP lowers the cost of Vishing – Small scale today – Already attacks on Paypal 7 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Current VoIP Privacy Issues • VoIP Hacking – One instance of brute force hacking in 2006 – $1M fraud: Offender behind bars • Eavesdropping – Man in the middle attacks – Similar techniques already in place by security services for Lawful Intercept 8 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute And Lastly……Stealing Minutes • Phreakers – Phreakers break into gateways to steal minutes – 200M mins/month stolen worth an estimated $26M/month* – Transport networks now moving to private connectivity to avoid Phreakers * Source Stealth Communications 9 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute Current State of Play • All the afore mentioned problems have either been solved or are close to being solved by session boarder controllers – Also addressed in IMS • Service providers are implementing or have implemented security systems • Businesses building their own VoIP networks will have to be extremely careful about implementation 10 ©2007 BroadSoft®, Inc. Proprietary and Confidential; Do Not Copy, Duplicate, or Distribute