The forgotten backdoor into your computer network

On Monday 19th June, our Junior Software Developer, and I attended the inaugural Norfolk Cyber Security Cluster meeting. The cluster has been set up by David Higgins, an award winning Cyber Security consultant, to encourage cyber security knowledge, skills and capabilities for businesses within Norfolk.

We heard from three different speakers taking us through the risks, what’s going on inside the mind of a hacker, and the one that I found most fascinating being Telephone System Network Security Consideration, known as the “forgotten backdoor into your computer network.”

When I think of Cyber Crime I think of phishing, ransomware and things such as credit card fraud. Well actually the biggest one that I’m sure we all are aware of isn’t necessarily at the forefront of our mind when protecting our data is your telephone system. It’s also greater than credit card fraud too. Paul Marriott from Eastern voice and data talked us through:

“It is believed that telephone fraud is costing in excess of £1.5 billion a year.”

What’s making your business vulnerable to telephone hacking?

  • Leaving your security access passwords in default mode, eg. “0000”. Did you even known you had a security access password? If you didn’t then you need to change your password from
  • default – and sooner rather than later.
  • Routers can be incorrectly installed
  • Leaving open vulnerable ports
  • Major network providing installing fibre lines but haven’t actually locked down your router

 

Soft targets – These are users with high staff turnover. Information isn’t communicated and passed down between new members of staff meaning telephone information can be unknown to many employees.

The steps to take to prevent telephone hacking:

  • Select your supplier carefully – do your research! You can find reliable suppliers on crown commercial website
  • Review your current setup
  • Set up call barring
  • Passwords regularly changed
  • Deploy pin access
  • Find out if you have fraud protection on your lines and find out why if you don’t?
  • Look at your phone bill to see what’s going on! You would look at your card bill, wouldn’t you?

 

TIP: Be careful of telephone numbers beginning with “079”, you can incur connection charges for around a minimum of £20.00 before any conversations take place. Some people are using these numbers to call you and enquire, asking you to phone back.

To ensure maximum security:

  • Gamma Horizon Clouse Base System

The most secure phone system, a cloud based solution will provide high level security at network level, ensuring abnormal activity can be detected and stopped.

  • Secure SIP (session integration protocol)

A different type of channel (phone line) and is more secure.

There are plenty of points to take away from this to prevent your company from phone fraud. If anything, I really suggest you make sure security password isn’t on default, and to find out if you have fraud protection on your lines!

David’s next event will take place on Monday 17th July on the topic of “GDPR – Compliance for SME’s & Security for Cloud Computing.” Click the below link for details: https://www.norfolkcyber.net/cluster-meetings/gdpr-compliance-for-smes-security-for-cloud-computing-34161081715/

Words by Rain

Leave a Reply