Not the kind of news you want to see about the guys who just hacked into your communications lines -- in addition to being malicious hackers, they have terrorist ties as well.
Last November InformationWeek reported that four people arrested in the Philippines for hacking into the trunk lines of multiple U.S. telecommunication companies, including AT&T, costing AT&T alone about two million bucks, were linked by the FBI via bank statements to a “Saudi-based cell whose activities include financing terrorist activities.”
Philippine authorities said “the hackers appeared to be working for a group that was created by Muhammad Zamir, a member of Jemaah Islamiyah, a militant group based in Southeast Asia,” linked to funding the Mumbai terrorist attacks of 2008, among other attacks.
FBI officials said the hackers “didn't break into trunk lines, but rather targeted the PBXs used by AT&T customers,” according to InformationWeek, which added that other sources said “the attacks involved hacking into PBXs, then calling international premium-rate services to generate revenue,” a technique used frequently by malware developers, the journal noted.
Call fraud, not necessarily connected with international terrorism, is still a costly enterprise -- Revector, a British fraud management company, recently estimated that fraudulent calls are costing some telcos upwards of $150 million per year. Much of the time the fraud is hard to detect and goes unnoticed for a long time.
One standard way a scam operates, according to officials of TransNexus, a least cost routing company, is for the scammer to set up a conference server somewhere in the Third World, usually Africa, and make a deal with the local state-owned phone company to collect fees for any calls terminated to that conference server.
The scammer then hacks into an IP PBX or SIP phone, and generates multiple calls to the server. This can cost tens of thousands of dollars for the international long distance vendor, which bills the SIP service provider for the hacked enterprise customer. Of course what happens when the bill comes due is that the end customer is outraged, refuses to pay and switches service providers if the charges aren’t dropped. So the SIP provider is stuck with the bill, as it really isn’t in a position to muscle around international carriers.
It’s called “traffic pumping,” and TransNexus offers products to help deal with the problem, such as NexOSS, which monitors for “unusual spikes in call traffic to a specific destination,” according to company officials, and temporarily blocks the route to cap losses.
Is it worth it? “A single fraud loss can easily cost more than five times the cost of the NexOSS,” company officials say. Your call.
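The kind of check described above (watch each destination for an unusual spike in call traffic, then temporarily block the route) can be sketched as follows. This is an added example, not TransNexus or NexOSS code; the thresholds, the route key (customer plus dialed prefix), the `RouteMonitor` name and the call records are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# All thresholds below are illustrative assumptions, not vendor settings.
PREFIX_LEN = 5            # route key: first 5 dialed digits
WINDOW_S = 3600           # sliding window (seconds)
BLOCK_S = 1800            # how long a tripped route stays blocked
FACTOR = 5.0              # spike: window minutes > FACTOR * baseline
DEFAULT_BASELINE = 10.0   # assumed normal minutes/hour for an unseen route

class RouteMonitor:
    def __init__(self, baselines=None):
        self.baselines = baselines or {}
        self.windows = defaultdict(deque)   # route -> (ts, minutes) records
        self.totals = defaultdict(float)    # route -> minutes inside window
        self.blocked_until = {}             # route -> unblock timestamp

    def observe(self, ts, customer, dialed, minutes):
        """Score one call record; return 'allow', 'block' or 'blocked'."""
        route = (customer, dialed[:PREFIX_LEN])
        if self.blocked_until.get(route, 0) > ts:
            return "blocked"                # route still capped
        win = self.windows[route]
        win.append((ts, minutes))
        self.totals[route] += minutes
        while win[0][0] <= ts - WINDOW_S:   # evict records older than window
            self.totals[route] -= win.popleft()[1]
        limit = FACTOR * self.baselines.get(route, DEFAULT_BASELINE)
        if self.totals[route] > limit:
            self.blocked_until[route] = ts + BLOCK_S
            win.clear()
            self.totals[route] = 0.0
            return "block"                  # spike: cap losses on this route
        return "allow"

def run_sample():
    # Constructed call records: (timestamp s, customer PBX, dialed digits, minutes).
    # 999 is used as a stand-in prefix for a premium-rate destination.
    cdrs = [(0, "pbx-17", "12125550100", 4.0), (600, "pbx-17", "12125550100", 6.0)]
    cdrs += [(7200 + 10 * i, "pbx-17", "99900123%03d" % i, 9.0) for i in range(8)]
    cdrs += [(7300, "pbx-17", "12125550100", 3.0), (9100, "pbx-17", "99900123999", 2.0)]
    mon = RouteMonitor()
    return [mon.observe(*c) for c in cdrs]

if __name__ == "__main__":
    print(run_sample())
```

Only the route that spiked is capped: the customer's ordinary calls to other prefixes keep flowing, and the block expires on its own after `BLOCK_S` seconds.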
David Sims is a contributing editor for TMCnet.
Edited by Jennifer Russell