January 1 to October 28. No, this isn’t just the bulk of your work year. It’s the time that could pass before a breach on January 1st is identified and contained – a total of 287 days, as per IBM’s 2021 Cost of a Data Breach Report.
We’ve seen Session Border Controllers (SBC), perimeter devices critical for VoIP security, being probed just five minutes after they go online, and their breaches going undetected for months. Part of the reason for this is the false belief that ‘security devices’ like SBCs don’t need to be secured, but a bigger issue is missing the actual price of NOT paying attention to SBC security.
SBC and VoIP security: 5 ways an unsecured SBC could be leaking money
In our experience of scanning and studying hundreds of SBCs from across the world, we’ve seen precisely what an unsecured SBC translates into. Let’s put this into perspective.
1. Losses to toll fraud
$220,000. That’s how much one of our customers, a major healthcare organization, lost to telecom bills in a toll fraud attack on them last year.
We discovered 17,320 toll fraud calls in a period of one month. It’s not easy for such companies to actively detect and block these attacks – premium-rate numbers are constantly changing and blocking calls to international destinations is impossible for global organizations.
We helped the customer block and prevent these calls using the Assertion® SBC Guard™ – which uses threat intelligence to track the latest premium-rate numbers from across the world.
2. Agent and IVR time wasted
If you’ve ever answered your phone to an automated message followed by silence or vice versa, you know what a robocall is. There’s no escaping them. We’ve seen upwards of 100K robocalls to Enterprises in the span of a single month!
In the case of contact centers, it’s not hard to see how the losses pile up, in some cases as high as $200K per year! Even in a UC setup, junk calls targeted at your UC users can run into hundreds of hours on an annual basis. Even with a modest 1000 junk calls a month, companies could be looking at a productivity loss of $20K annually.
3. Vishing scams and TDoS attacks
In fishing, scammers use VoIP calls and social engineering and multi-modal methods to collect pieces of seemingly harmless information from agents or employees that can together, become valuable PII. Ransomware is the biggest impact of this type of fraud.
Telephony Denial of Service (TDoS), though less talked about than traditional DoS attacks, can also have serious financial implications. By flooding VoIP systems with calls, these attacks are used to target critical services, like ICU phone lines in hospitals – either to find a breaking point to enter the system, or even to harass the business for ransom.
4. Remote worker break-ins
When you open your SBC up to the internet for remote workers, you expose it to attackers who will try to register as legitimate users. Once they manage to do so, they can extract the contact book, access call activity, or use the extension for spying or eavesdropping. They could even make toll fraud calls from the compromised extension.
In our experience, we’ve seen enterprises lose up to $40,000 per remote worker exploit.
5. Regulatory compliance issues (OFAC and Kari’s Law)
Kari’s Law mandates that companies comply with specific requirements for 911 emergency calls. Failing to do so could result in fines of up to $10,000. Compliance failures where the dispatchable location information was missing, or where the PSAP call back failed for emergency calls are easy for companies to miss.
OFAC regulations require companies to have policies and procedures in place to monitor inbound and outbound calls to and from barred countries, and report/escalate incidents as appropriate. Non-compliance can result in fines of up to $20 million.
Complex challenges demand comprehensive solutions
As you can see, navigating the VoIP security landscape is complex – there are multiple risks and massive repercussions. And then there are complex devices like SBCs that bear the brunt of these risks.
An SBC that’s secured, configured dynamically, and monitored continuously, can help minimize the money and time companies lose to toll fraud, robocalls, VoIP scams, remote work break-ins, and compliance failures.
And this is exactly where companies need to leverage automation, AI, and integrated cybersecurity. In fact, organizations with fully deployed security AI and automation experienced breach costs nearly 80% less than organizations without them.
Listen to the NSA: Invest in perimeter security
Investment in your SBC’s monitoring and security is key to handling the complexity of today’s VoIP landscape. That’s why the NSA highlights perimeter security as one of the top focus areas in its VoIP security guidelines.
The cost of not securing your SBCs far outweighs the investment in preventive/proactive threat detection & monitoring – especially given that 29% of the cost of a breach is spent on detection and escalation alone – after the breach. The best security investments should help you implement NSA’s VoIP security guidelines, and give you visibility into the health and security of your SBCs. Solutions like Assertion® SecureVoice™ can slash threat detection time to minutes while providing you with real-time threat and attack visibility that your Voice team needs to make informed decisions regarding the cybersecurity of your organization.
If you have any questions on SBC security or how you can help your teams better implement SBC security best practices within your UC and CC networks, please get in touch with us.