UK businesses are paying out £100,000,000 per year (based on 2015 figures) towards covering the costs of Phone hacking, otherwise known as Phreaking.
But what exactly is Phreaking?
Phreaking was first seen around the 1960s and 1970s, where those technically savvy sought to gain free calls through hacking telecommunications systems, sending telecom engineers into a frenzy to fix things before the costs racked up. Up until the 1980s it was seen as a semi-respectable activity among hackers, it was considered an intellectual game, but over the years it has turned into a much more malicious activity with organised crime using hackers to steal call minutes particularly to international numbers, and create sky high bills for companies.
These days hackers can and will hack into any telecommunications system through the phone system, voicemail or remote programming portal, whether your lines are analogue, ISDN, or SIP. For companies thinking they are safe having VoIP lines, they are sadly mistaken. All a hacker needs is your VoIP password to get access to your system and take advantage.
Hackers will set up auto-diallers to test dial and gain access to voicemail boxes or have sophisticated software looking for phone systems public IP addresses, VoIP or SIP details, and then identify passwords. These auto-diallers can then use the lines they have accessed to repeatedly dial out to premium numbers, or expensive destinations. Most calls are made over weekends, overnight or on Bank holidays when businesses are not operating, therefore less immediately aware there has been an attack.
If your system has been compromised you will not notice any difference on the lines themselves, or to your phone system, the first time you will notice something has happened is when you receive the bill illustrating the excess and costly calls.
So how can you prevent it?
Unfortunately, there is no way to completely prevent having your lines hacked, however there are ways to reduce the risks. The following are just 4 ways we at LTS can help you reduce the risk:
- Set call barring features on your phone system e.g. International calls
- Lock voicemail ports
- Set alerts on the lines for unusual call patterns
- Provide you with information and ways to educate your staff about phone security
You can also help yourself by regularly changing your passwords, use complicated passwords and not generic ‘1234’ or ‘0000’ passwords, or those that come as standard with your phone system. If you have dial in conference facilities on your phone lines, make sure to keep them turned off until required or regularly change the access codes never repeating the same code.
As mentioned, the first time you will notice a problem is when the bill comes through, and regrettably you are the one in law who is liable for that bill. It is a company’s legal obligation to keep on top of their own security and that includes the security of the telephone lines and computer network, therefore any breach in that security is held against the business.
We will shortly be launching a Phreaking protection service to help reduce the risk for your business. All you need to do is give us a call and speak to a member of staff, who will go through what you currently have in place, suggest any improvements, and provide you with all the information you need to protect your business. Do not wait until it’s happened to you, because by then you could be busy paying off a £15,000 phone bill for calls you never actually made!