Recent Voicemail Hacking allegations at Murdoch News World exposes new Vulnerabilities in Communication Networks
July 8, 2011
Posted by admin in: Uncategorized
Recent coverage of voicemail hacking at “The News of the World” has exposed a new set of vulnerabilities and threat vectors that can plague telephony networks. Allegations continue to multiply that its journalists hacked into the voicemails of thousands of people, from child murder victims and war victims to members of the royal family, parliament and other important dignitaries. Sensitive conversations were either tapped or voicemails hacked into to gather dirt that eventually made it into the tabloids. According to the latest coverage on the topic, the magnitude of the scandal has resulted in a decision to close “The News of the World”.
In this global information age, early access to information obtained by perpetrators through malicious means is often a precursor to more sophisticated illegitimate activities such as insider trading, leakage of sensitive information, theft of company trade secrets, industrial espionage or tabloid press material, as in the above case.
The growing prominence of IP-based communication networks and applications is empowering the user with ubiquitous instant-on connectivity, communications and collaboration with any person from any device, at any location and at any time. This powerful user experience was never possible before and is now achievable through all-pervasive, standards-based IP networks. As a result, the conventional definition of perimeter security defense no longer exists. The weakest link in the end-to-end communication leg can now effectively become the first point of entry for perpetrators to conduct malicious activities.
Stakeholders must understand that securing IP-based communication networks and applications presents unique security challenges that are vastly different from, and much more stringent than, those of securing data applications. It requires near-zero false positives and false negatives, a deep understanding of call control (and services) stacks, device tracking, user/application analytics, and firewall capabilities with a deep understanding of voice/video and UC protocols. The pervasiveness of IP-based communication networks now makes it much easier to carry out hacking activities. Wiretapping of conversations, brute-force crawling and identification of valid usernames/extensions, illegitimate call pattern tracking, interception/rerouting of call traffic to hacker locations, presence tracking, and stealing confidential voice messages from specific individuals (or extensions) are just a few examples of the security threats that can plague VOIP/UC networks if proper security measures are not enforced.
RedShift Networks honey pot research conducted over several months has indicated several threat vectors open in the wild today, ranging from Voice/UC Denial-of-Service (VDOS/UC-DOS) attacks, SPAM over Internet Telephony (SPIT) attacks, Eavesdropping, Spoofing, Number Harvesting, Protocol Fuzzing, Toll Fraud, SQL Injections and Media tampering to a myriad of UC Infrastructure and Application layer threats. All these new threat vectors go completely undetected by existing protective solutions. Gartner, in a recent study, strongly recommends the use of SIP-aware Firewalls to protect your communication networks. For more information about RedShift Networks, products and services, please visit www.redshiftnetworks.com.
Ref — http://news.yahoo.com/uk-soldiers-targeted-murdoch-phone-hacking-scandal-report-030337129.html
Use of Side channel attacks on High Frequency Trading networks to profit Millions of Dollars
January 11, 2011
Posted by admin in: Uncategorized
High frequency trading networks, which complete stock transactions in microseconds, can be vulnerable to manipulation by hackers for unfair advantage. Inserting small amounts of nuisance packets, and thereby latency, into otherwise good traffic can subtly alter the course of trading decisions, resulting in the pocketing of millions of dollars in a matter of a few seconds. A few extra milliseconds can enable trades to execute ahead of the competition, thereby increasing profits for the hackers.
With the growing adoption of VOIP technologies, ubiquitous connectivity, and sophisticated online betting (and trading) algorithms, a sub-microsecond delay can result in enough perturbation to cause severe losses!
The scary part is that there is no security solution in the market today that adequately combats this threat. The traditional rate-based controls that Session Border Controllers (SBC) provide are good at detecting DOS attacks when there is a sudden upsurge in malicious traffic coming from a specific IP source. However, a side-channel attack is infinitely more subtle, as it adds just enough nuisance packets to a legitimate data stream to slow the data just enough to give someone else a chance to move first in the market. And these attacks can be triggered simultaneously from multiple random source locations, making detection even harder.
What is needed is essentially a self-guided learning and mitigation system that automatically identifies such nuisance traffic in real time, no matter where it comes from, what packet granularity it arrives in or at what rate it comes in; thwarts it; and blacklists the offending source locations while allowing legitimate business traffic to operate uninterrupted at mission-critical latencies. This would be the ideal security solution required to protect such high frequency trading networks against these attacks.
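The contrast drawn above between per-source rate controls and a learned baseline, shown as an added example that is not from the original post or from any RedShift Networks product. It assumes traffic is summarized per fixed time window as a list of source addresses and that expected counterparties are on an allow-list; all addresses, thresholds and function names are constructed for illustration.

```python
from collections import Counter
from statistics import mean, pstdev

KNOWN_PEERS = {"192.0.2.10", "192.0.2.11"}  # assumed allow-list of counterparties
PER_SOURCE_LIMIT = 100  # assumed SBC-style cap: packets per source per window
K_SIGMA = 4.0           # assumed sensitivity of the learned baseline

def rate_control_alerts(window):
    """Rate-based control: flag any single source above a fixed packet rate."""
    counts = Counter(window)
    return sorted(s for s, n in counts.items() if n > PER_SOURCE_LIMIT)

class BaselineDetector:
    """Learns the normal per-window volume of packets from unexpected sources."""

    def __init__(self, training_windows):
        samples = [self._unexpected(w) for w in training_windows]
        self.mu = mean(samples)
        self.sigma = max(pstdev(samples), 1.0)  # floor avoids a zero-width band
        self.seen = {s for w in training_windows for s in w}

    @staticmethod
    def _unexpected(window):
        return sum(1 for s in window if s not in KNOWN_PEERS)

    def check(self, window):
        """Return (anomalous, block_candidates) for one traffic window."""
        anomalous = self._unexpected(window) > self.mu + K_SIGMA * self.sigma
        # Candidates: sources that are neither allow-listed nor seen in training.
        new = {s for s in window if s not in KNOWN_PEERS and s not in self.seen}
        return anomalous, (sorted(new) if anomalous else [])

def make_window(background, attackers=0):
    """Constructed sample: 40 packets per peer, some background noise, and
    optionally `attackers` sources that send only 3 packets each."""
    w = [p for p in sorted(KNOWN_PEERS) for _ in range(40)]
    w += ["198.51.100.5"] * background
    w += [f"203.0.113.{i}" for i in range(1, attackers + 1) for _ in range(3)]
    return w

if __name__ == "__main__":
    detector = BaselineDetector([make_window(b) for b in (2, 3, 4, 3, 2)])
    attack = make_window(3, attackers=30)
    print("rate control alerts:", rate_control_alerts(attack))
    print("baseline anomalous:", detector.check(attack)[0])
```

The per-source check stays silent on the distributed window because no single source exceeds its cap, while the aggregate baseline flags it and lists only the sources it has never seen before.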
Ref — http://www.infoworld.com/d/the-industry-standard/hackers-find-new-way-cheat-wall-street-everyones-peril-699?source=IFWNLE_nlt_daily_2011-01-06