I live in a gated community, but I still lock my doors.
My LinkedIn connections may have noticed that I list two current jobs. My day job is Client Experience Innovations at Avaya. That’s a fancy way of saying that I am paid to dream up and prototype new ways for people to connect and collaborate. My latest creation involves placing multi-functional cameras in NICUs (Neonatal Intensive Care Units) to allow parents to see and speak with their premature babies.
My second position is that of Technical Advisor to Assertion – a communications security company. This is an unpaid position that I accepted simply because I believe in what they are doing. I have been working with and talking about SIP since the late 1990s and am always happy to do what I can to help make SIP a secure and reliable choice for enterprise communications.
The Bad Hats are Hungry
You would have to live under a rock to not be aware of the recent ransomware attack on Colonial Pipeline. I believe that they ended up paying $5,000,000 to Russian hackers to remove the malware and bring their systems back online. I won’t get into the argument about whether or not they should have paid the ransom. Even if they didn’t, the attack caused a significant loss of revenue and was responsible for a major disruption in the gas supply across multiple states.
While these ransomware attacks are not the same as those perpetrated on business communications platforms, they underscore that the bad hats are out there, and they are looking at every possible avenue to exploit weaknesses. They are like house burglars. If they can’t get in through the backdoor, they will try the windows.
Working with the folks at Assertion I have learned a lot about SIP vulnerabilities, and I came into the picture knowing quite a bit. I have witnessed firsthand how a seemingly innocuous change to an SBC’s configuration can open up a hole wide enough to allow an entire army of hackers to come through.
Much of this knowledge has been acquired by setting up SBC honeypots that have been designed to attract hackers and watch their behavior under controlled situations. For example, something as simple as improperly configuring how SIP User-Agent headers are processed can have devastating effects. Not setting rate limits on failed registration attempts can result in hackers making tens of thousands of dollars’ worth of telephone calls
SBC Audit
At the core of Assertions business is their cloud-based SBC hardening solution. This is an online tool that executes a thorough and comprehensive scan on an enterprise’s SBC or SBCs. The result is a detailed audit that not only points out security weaknesses, it describes how to eliminate them.
In addition to a check of an SBC’s configuration, the tool does a deep dive into the logs to identify current and past security breaches. I have personally seen how it can correlate events and patterns in ways that no human could. This is especially true on a busy SBC that may have millions of log entries.
Who Doesn’t Like Free?
Running an Assertion SBC scan is safe, simple, intuitive, and best of all, the basic report is free. In many cases, the free report is all you need, but Assertion offers paid services and subscriptions to provide even more details and remediation. I’ve run the tool on multiple occasions and have looked at every report type it produces and can honestly say that it has found things I never would have discovered on my own. My guess is that any enterprise that runs a scan will be surprised at just how vulnerable their SBC is.
Mischief Managed
As I said, I don’t get paid for any of this and I’ve been acting as technical advisor for a year. For me, this is both a labor of love and feeling of responsibility to the world of communications that I care so much about. Perhaps I am just a glutton for punishment, but I really don’t think so.
If I’ve piqued your interest, please head on over to https://assertion.cloud and start a free scan of your SBC today. The process is painless, and you may be very surprised at what you learn. I know that I was.
Tao, Zen, and Tomorrow 