VoIP facing fraud threat
Data managers lack experience to tackle toll fraud
VoIP systems will be left open to abuse because data managers are not aware of the scale of fraud against comms networks and lack the experience to combat it.
Dave Woods, head of fraud control at Azure, BT's revenue assurance business, said Lan security would make it more difficult to eavesdrop calls. "But from a fraud point of view, there's nothing inherently safe about VoIP switches."
Telcos are reticent to discuss the scale of comms fraud. A survey of 130 telcos by the Federation of International Irregular Network Access, counted the cost at $40bn a year. VoIP systems are increasingly the responsibility of IT managers.
Peter Aknai, senior technology consultant at comms consultant Analysys, said large enterprise voice systems would require a dedicated manager even in IP, but the demands could leave some voice managers out in the cold, along with their experience.
"Many are somewhat older, and will ask whether they want to make that move into IP," said Aknai. "There's a danger that in the transition from legacy voice to next-generation networks, PBXs could be hacked for fraudulent purposes."
Telecoms fraud against enterprises takes two main forms: abuse of facilities by staff or contractors, and dial-through attacks where hackers seize control of a switch and route their own calls through it.
"It's the highest value telecoms fraud issue around the world. About 40 per cent of the $40bn represents fraud against PBXs," said Woods.
Tony Newbolt, network and comms manager at the Royal Borough of Kingston, said a good data manager would always question the integrity of any network. "But if someone hasn't seen patterns of fraud before they could just set it up and leave it running," he said.
Woods would not say whether Azure had detected hacks on VoIP switches it monitors, but a source close to BT said crime against IP telephony systems had begun.
Allan Scott, director of converged solutions at Avaya, said IT managers need to get a better understanding of comms fraud. "Toll fraud is relatively new to people in data management."