Nearly half of UK businesses don’t have proper security for their telephone systems, according to telecoms provider Damovo – despite the fact that 40% have faced security threats in the last 12 months. And in most cases, this is because we don’t realise it’s an issue. It’s easy to understand how burglars can get through your window, and it’s easy to appreciate the risks if hackers get into your computer systems – but who’s going to rob you blind via your phone lines?
All sorts of people, as it turns out. On a very simple level, this might involve your cleaner picking up the phone at night and calling their cousin in Brazil for an hour. At a more technical level, it might mean external parties hacking into your telephone system via the virtual exchange or voicemail boxes to make unauthorised calls. ‘Hacking is not just an activity limited to data networks and PCs,’ says Damovo’s UK MD Nick Dean. ‘Organised criminal units constantly look for vulnerabilities in voice networks to exploit and profit from.'
And if you don’t have the right restrictions in place, this can be an expensive business: Damovo’s survey of 1,000 businesses found that 61% of companies with over 400 employees had incurred losses above £5,000, while 35% had lost more than £10,000. A small number even confessed to losses of over £50,000.
The problem is that even if firms monitor their outgoing calls (which lots don’t), they might be too slow on the uptake to prevent big losses – Damovo cites one company that lost £10,000 in a single weekend on calls to Afghanistan. And even if you bar international voice calls, people can often circumvent this by dialling via a fax or modem line (which won’t usually have the same restrictions). Or at least, that’s the rationale behind Damovo’s new system, which provides managers with an instant alert when dodgy calls are being made.
It’s also on the warpath against internet bridging, a practice we’ve never heard of whereby employees plug their computers into an analogue phone line and get online via a dial-up connection – this ingeniously allows them to bypass their office firewall, so they can access naughty websites and download content from the web. Problem is, they might be accidentally downloading viruses at the same time – which could cripple your data network. Again, this can be easily avoided by blocking all the ISP dial-up numbers.
Basically, there are all sorts of ways in which ne’er-do-wells can take advantage of dodgy security on your phone system. Ignoring the issue could be an expensive mistake...