Telephone system hacking is as old as the telephone it’s self. From climbing telephone poles like our favorite Eddie Albert’s character Oliver Wendell Douglas on the 60s TV show Green Acres to the latest high profile FEMA phone system hacking, making free phone calls has not lost it’s appeal. Most hacker calls being made are going to the Middle East to countries like Afghanistan, Saudi Arabia, India, Turkey and Yemen, Once a system has been hacked the code is often sold on the street. From small businesses to the phone companies, hacking is big business. How big can a hacking problem get? Consider Edwin Pena. He set up two companies Fortes Telecom Inc. and Miami Tech & Consulting Inc. and through sophisticated hacking and VoIP call routing, profited over one million dollars back in 2006. With today’s sophisticated VoIP phone systems hackers have more opportunities then ever before. Below is a list of 10 ways you can help protect your company from hackers. 1. Hire a company to do a thorough security analysis of your phone system security. If you can’t afford a $ 12,000.00 phone bill from hackers your company may need this more then a large company. 2. Hackers that left FEMA holding the bag for $ 12,000.00 recently used the Voice Mail system to get in to the system. Make sure your voice mail system does not have the default passwords and that out bound calling features are turned off or addressed. Many voice mail systems can make out bound calls to notify you of messages. This can be used to make calls through your phone system. 3. Old voice mail boxes need to be deleted. If your business is like most, people come and go but voice mail boxes remain active and do not get removed. Delete all old voice mail boxes. 4. DISA is a phone system feature designed to allow companies to use their phone systems to place out going calls remotely. DISA or Direct Inward System Access allows just that. Access to your phone systems telephone lines through the phone system. It was developed long before Cell Phones as a way to reduce old expensive telephone calling cards. Really a favorite among hackers. 5. Auto Attendant used for routing calls can also transfer calls to off site locations make sure if you aren’t doing this that this feature is turned off. If you are using it this feature change your passwords frequently. 6. Call forwarding to outside numbers is another feature while wonderful for working remotely leaves open a window of opportunity. Make sure who ever needs this feature really needs it and make sure this feature is turned off for everyone else. 7. Operator transfers are another way hackers can use your phone lines to make calls. A caller posing as a telephone company repairman will call and say he is testing the phone lines and if the operator would please transfer them to 910333 or 910XXX— these are access numbers to Sprint or any other phone company to make calls direct through your lines through the phone companies network. The phone company will then bill back the call to you at the most expensive calling rate. For more on this check out Sprint’s Corporate security guide. 8. Old Direct Dial Numbers that are no longer being used should be removed for your phone systems numbering scheme until needed again. Hackers are looking for anyway in to your systems. 9. Conference Call Systems and Conference Bridges should be password protected. Hackers can get in to conference bridges to listen to sensitive corporate information. Use in house bridge as opposed to an out side conference call service for maximum protection. An in house conference bridge can be placed behind your company’s firewall and passwords can be changed for every conference. 10. Call Accounting Software such as Tapit Call Accounting can help reduce un authorized phone calls. The Tapit Fraud alert module alarms you when set calling parameters are being breached by sounding an alarm and a text message. For more information on how you can protect your phone system call Telcom & Data at 800-335-0229 or visit www.telcom-data.com
10 Ways to Reducing Exposure to Telephone Hacking
This entry was posted on May 9, 2015.