Story image

Kiwi company takes UC security to a multi-billion dollar toll fraud problem

31 Jan 2018

A local Auckland company is vowing to put a dent in the billions of dollars lost to toll fraud across unified communications (UC) networks.

Virsae, a cloud service management platform provider for UC, has launched a security management solution to fight back against fraud figures that can cost organisations a collective total of $38 billion, according to the Communications Fraud Control Association.

Virsae says that widespread adoption of VOIP is to blame for such a colossal loss because traditional IT network security isn’t designed to protect it.

According to Virsae COO Ross Williams, hackers are taking full advantage of poorly-protected UC networks, and they are cashing in.

“Toll fraud is just the start – though at nearly twice the size of plastic card fraud, it’s a huge problem. But it’s just one of many threats facing UC environments,” he comments.

“It’s all about money. Hackers have got you over a barrel when they can crash your UC platform with an endless flood of session requests, or clog SIP channels through repeated calling.”

Traditional software applications on IT networks are supported by AV software and firewalls, however UC networks don’t have those protections. Virsae says UC networks generally rely on session border controllers (SBCs) – but they are so specialised that some IT managers are not familiar with them.

If IT managers don’t know how to handle them, SBC management, updates and reporting are all at risk of being neglected, Williams explains.

“Organisations routinely update anti-virus and anti-malware solutions, harden infrastructure, and update policies. UC security should be managed in the same way.”

Virsae has launched its Security Manager that is built with real-time threat awareness. The company says the platform is designed to make SBC attacks more visible and to pinpoint network vulnerabilities.

“In the same way house alarms and CCTV intruder detection systems activate alarms to instantly alert homeowners, Security Manager watches and flags suspicious activity, keeping UC managers in the picture and one step ahead of the bad guys,” Williams continues.

Virsae also provides a multi-vendor UC service management platform called VSM. It manages customer experience and network infrastructure vendors including Microsoft, Cisco, Sonus, Avaya, Verint and Juniper.

The VSM provides customers and partners the ability to get to the root cause of UC, contact centre, infrastructure, and security issues. The VSM platform processes more than 9 billion service management transactions per month.

Virsae is currently showcasing Security Manager at Avaya Engage in New Orleans.

Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.