Communication security is an increasing concern for most business and governmental organizations. With the advent of IP telephony and other uses of the Internet, organizations now have a number of means to communicate; however, this increased communications capability has also resulted in vulnerability to the organizations by hackers who wish to gain access to the organization's communication system. Most telephony extension attacks occur for the purpose of providing unsolicited messages to an organization, for example, to advertise various goods and services. However, many extension attacks may be initiated for clearly illegal purposes, for example, to gain access to confidential organizational information.
There are a number of different types of telephony extension attacks that can be initiated. For IP telephony, SPAM over Internet Telephony (SPIT) comprises unsolicited bulk messages broadcast over IP telephony devices. SPIT is a close relative of email SPAM and SPIM (SPAM over Instant Messaging). Although SPIT is not as prevalent as SPAM, the telecommunications industry expects that SPIT will become much more of a problem as time progresses. Other types of extension attacks include denial of service, war dialing, voice mail password brute forcing, extension password brute forcing, toll fraud, and others.
Some solutions exist for addressing telephony extension attacks. Currently available commercial products are primarily rule-based resulting in limited effectiveness, and are particularly ineffective for preventing attacks that utilize IP or caller ID spoofing to mask the source of the attack. Two known commercial products include the Voice Firewall and Voice Intrusion Prevention System by SecureLogix® and Sandtrap® by Sandstorm®.
While these products may be adequate for their intended purposes, there is still a need for a solution that can detect and prevent the new, more sophisticated attacks associated with voice over IP, such as SPIT. More particularly, there is a need for a telephony extension attack solution that can detect, record, alert, and effectively prevent attacks that occur over both traditional telephony (circuit switched) and IP telephony (packet switched) communication systems.