From The Sip Trunking Experts

TMCNet:  Cyber crime: A real threat that needs to be fought [Khaleej Times (United Arab Emirates)]

[March 04, 2013]

Cyber crime: A real threat that needs to be fought [Khaleej Times (United Arab Emirates)]

(Khaleej Times (United Arab Emirates) Via Acquire Media NewsEdge) The ramifications of cyber-attacks are far reaching. Companies around the world are targeted for good reason.

There are criminal gangs, individual hackers, groups and certain governments who strive to unbalance targeted economies by disrupting business, through cutting off the supply of oil to international and domestic markets, or stalling the smooth workings of a country's financial services sector.

The Middle East has already witnessed some audacious attempts by cyber-criminals to disrupt some of the region's largest oil and gas companies. In the UAE, two of the top banks have been hit by so-called denial of service attacks, where hackers bombard a site with traffic until it collapses under the load. As a result, the Web sites of these banks were temporarily unavailable to online customers last year. The former chief of the UAE Air Force has publicly confirmed that countries in the Gulf with advanced telecommunications infrastructure, such as the UAE, are a favourite target for hackers. Past evidence has confirmed this, with Egypt and Saudi Arabia among the top three target countries for a particularly pernicious online banking virus known as Zeus.

Certainly, companies of every size in all vertical sectors need to work around the clock to defend themselves against these sorts of threats. Without preventative measures in place, any one of them could impact on the smooth working of an organisation's operations.

One of the problems of defending against cyber-threats is not just the sheer scale of attacks, but the huge number of different types of malware that experts identify; 1,200 a day is not an unusual count, one per cent of which will be a new malware strain, never before seen. The attack vectors are regularly changing and the threat landscape constantly shifting.

Spear-phishing is one of the latest techniques where an e-mail is disguised by a hacker, luring the victim to open an attachment or link that infects a device with malicious software. Smartphones are just as vulnerable to cyber-attacks as a desktop computer or laptop, and cyber-attacks on mobile phones rose by a factor of six this year, data security company McAfee has confirmed. Growing numbers of people now use their smartphones to access their personal bank accounts, and to remotely access business files. As they do, more cyber-criminals will begin to target them. In fact, data security experts predict that employees' private mobile devices that have access to company networks will become a number one target for cyber-criminals in 2013.

According to security analysts, the most notable trends will be new examples of cyber-warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats. Android's growing popularity among smartphone users means this platform, in particular, is becoming a prime target for cybercriminals.

Few people have yet experienced a mobile malware attack, and even fewer have suffered any significant consequences. While this is re-assuring, it raises the risk of a lack of vigilance and a lack of caution by users.

One of the most serious mobile malware attacks was one of the earliest. In 2002, an attack on phones on the Japanese Docomo network was used to engineer a denial of service attack against the emergency services by swamping them with spoof calls. At that time, Docomo had the most advanced mobile network in the world. Fraudsters in the mobile domain have favoured implanting rogue diallers on mobile devices to call premium rate numbers that profit the fraudsters. However, mobile platform vendors have tried to prevent malware from installing itself on mobile platforms and these efforts have so far prevented widespread malware infection.

Malware attacks in the mobile arena will no doubt follow their Internet counterparts, however, and focus on fraud and theft. This puts the mobile banking and mobile payments industries in the front line of the battle, along with telcos that will be targeted with rogue dialler attacks. Hackers will direct their main effort into the most lucrative forms of attack, which may be measured either by the value of a fraud or the volume of attacks that can be driven by a single offensive. This means that the banking industry will need to pay particular attention to validating money transfer instructions, whether initiated within a mobile banking session or by a mobile commerce payment instruction. The risks are greater when the user has the ability to initiate new payment routes, rather than simply transferring more money across an existing payment authorisation.

The threat to mobile banking will emerge when the volume of mobile banking users reaches the viability threshold needed to reward hackers for their effort. No technology-based approach that facilitates large-scale access to financial systems and the personal assets of its customers can remain immune from attack. That notwithstanding, protection needs to be put in place that makes successful hacker attacks difficult to achieve and at the same time reduces to a minimum any associated financial gains. Hackers continue to attack the weakest system links that they can find and it is incumbent upon mobile providers, the financial services sector, and the security industry to ensure that the use of mobile devices to transact business remains as safe as possible.

Although the volume of incidents so far has not been large, the industry is now at the point where adoption of mobile banking services will attract hackers to some potentially rich pickings. Banks, mobile device vendors, and mobile network operators need to cooperate to address the issue.

The author is the chief commercial officer of du. Views expressed are his own and do not reflect the newspaper's policy.

(c) 2013 Khaleej Times. All Rights Reserved. Provided by an company

[ Back To SIP Trunking Home's Homepage ]

Subscribe here for your FREE
SIP TRUNKING enewslettter.

Featured Partner

Featured Whitepapers

SIP Security for the Enterprise
Voice over IP (VoIP) is incorporated into a variety of computer networks, both public and private, and used for everyday transactions and communications among carriers, businesses, government agencies...

Voice-Optimized Network Delivers Premier Call Experience
Customers equate call quality with business quality. Real-time communication, interpersonal interaction, and the cordial tone of a call center representative can create a positive impression of your business that no email can match.

Featured Datasheets

Ingate SIParator E-SBCs
Adopting SIP is a simple process with the Ingate SIParator, the secure enterprise session border controller (E-SBC). The SIParator makes secure SIP communications - including VoIP,SIP trunking and more - possible while working seamlessly with your existing network firewall.

Ingate Firewalls
Everyone is talking about enterprise usage of VoIP, instant messaging and other types of realtime communications including presence and conferencing.

SIP Trunk Solutions for Service Providers
The award-winning Ingate Firewall and Ingate SIParator deliver a high quality, reliable SIP trunk connection between the customer's IP-PBX and the service provider network, and solve interoperability issues to simplify deployments and support for remote diagnosis of reported issues.

Featured Case Studies

Case Study - Haiti
With this solution our doctors were able to reach anywhere in the world quickly and easily, to get consults from colleagues, facilitate treatment, order supplies 'on the fly' and also help victims report back to families. The solution from Business Mobility Systems and Ingate worked immediately.

Case Study - Turkish Petroleum
"With one Ingate at the customer headquarters, all of their remote workers can enjoy the benefits of Turkish Petroleum's IP-PBX from anywhere in the world.

Case Study - GCM
"The Ingate solution overcomes the NAT traversal hurdle and makes it possible to connect customers to our VoIP service, without the need of costly leased lines or support intensive VPN tunnels.

Case Study - Kool Smiles
"Ingate's solutions provide the advanced level of security necessary for this medical environment and the tools to make the interface to the service provider hassle-free."

Case Study - NMSAS
"This solution really saved the day for us," said Paul Mercier, IT Administrator, NMSAS. "We needed to leverage SIP trunks to reduce costs, and they had to work with our existing Microsoft OCS investment."

Discover Leisure Connects Remote Users to its IP-PBX
Discover Leisure is one of the largest resellers of caravans and motor homes in the UK. With 15 branch of?

Featured eBOOKS

Internet+: The Way Toward Global Unified Communication
Connecting the telephony of the enterprise PBX or Unified Communications (UC) system using SIP trunks instead of conventional telephone lines has been very successful in recent years.

What is SIP Trunking? Edition 2
SIP trunking is becoming more of a focus for service providers. One key issue many service providers face when deploying SIP trunks is NAT, or Network Address Translation, traversal.

What is SIP Trunking? Edition 1
A vast resource for information about all things SIP - including SIP, security, VoIP, SIP trunking and Unified Communications.

Featured Videos

E-SBCs AS The Demarcation Point:
Ingate's Steve Johnson talks to Erik Linask about the role session border controller plays as the demarcation point at...

Demystifying DPI
How can deep packet inspection protect your SIP traffic as well as your entire network?

Featured Resources

What's New

Presenting the New Ingate/Intertex Website:
Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...

Featured Blogs

Featured Webinars

Secure SIP Trunking:
What You Need to Know

Successfully Deploying Enterprise SIP Trunking:
Tools and Techniques for Overcoming Common Roadblocks

Featured Podcasts

Getting the Most Out of Your SIP Trunks:
Ingate's Steve Johnson and TMC's Erik Linask discuss how best practices forgetting the most out of SIP Trunking services and common pitfalls to avoid.