Story image

Kiwi company takes UC security to a multi-billion dollar toll fraud problem

31 Jan 18

A local Auckland company is vowing to put a dent in the billions of dollars lost to toll fraud across unified communications (UC) networks.

Virsae, a cloud service management platform provider for UC, has launched a security management solution to fight back against fraud figures that can cost organisations a collective total of $38 billion, according to the Communications Fraud Control Association.

Virsae says that widespread adoption of VOIP is to blame for such a colossal loss because traditional IT network security isn’t designed to protect it.

According to Virsae COO Ross Williams, hackers are taking full advantage of poorly-protected UC networks, and they are cashing in.

“Toll fraud is just the start – though at nearly twice the size of plastic card fraud, it’s a huge problem. But it’s just one of many threats facing UC environments,” he comments.

“It’s all about money. Hackers have got you over a barrel when they can crash your UC platform with an endless flood of session requests, or clog SIP channels through repeated calling.”

Traditional software applications on IT networks are supported by AV software and firewalls, however UC networks don’t have those protections. Virsae says UC networks generally rely on session border controllers (SBCs) – but they are so specialised that some IT managers are not familiar with them.

If IT managers don’t know how to handle them, SBC management, updates and reporting are all at risk of being neglected, Williams explains.

“Organisations routinely update anti-virus and anti-malware solutions, harden infrastructure, and update policies. UC security should be managed in the same way.”

Virsae has launched its Security Manager that is built with real-time threat awareness. The company says the platform is designed to make SBC attacks more visible and to pinpoint network vulnerabilities.

“In the same way house alarms and CCTV intruder detection systems activate alarms to instantly alert homeowners, Security Manager watches and flags suspicious activity, keeping UC managers in the picture and one step ahead of the bad guys,” Williams continues.

Virsae also provides a multi-vendor UC service management platform called VSM. It manages customer experience and network infrastructure vendors including Microsoft, Cisco, Sonus, Avaya, Verint and Juniper.

The VSM provides customers and partners the ability to get to the root cause of UC, contact centre, infrastructure, and security issues. The VSM platform processes more than 9 billion service management transactions per month.

Virsae is currently showcasing Security Manager at Avaya Engage in New Orleans.

Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t.