What Net Neutrality Means for VoIP Providers

Net neutrality has been a hot topic all year.  The window for public comment on how federal rule-makers should treat Internet traffic closed on September 12, 2014.  The FCC received a records 3.7 million comments.

While the public comments overwhelmingly favor net neutrality, many Internet service providers would prefer the FCC to implement an Internet “fast lane.”  Most of the public comment has been fixated on streaming video sites like Netflix, or other high bandwidth services like internet radio.  But, VoIP (Voice over IP) has a stake in net neutrality as well.  The public will be denied the benefits of high definition voice services if VoIP calls are stuck in the “slow lane”.  Over the Top VoIP companies that use the public Internet for their network transport have the most to lose.

Industry analyst, Phil Edholm points out that it would be easy for ISPs to push VoIP providers to a lower level of service unless those providers pay extra to be bumped up to a better service level.  Because VoIP requires high data speed to deliver effective sound quality, ending net neutrality could negatively impact VoIP providers and customers.

However, Hal Singer, writing for Forbes, has suggested that preventing Internet “fast lanes” could harm investment from telecommunication companies.  He points to past regulation that mirrors what the U.S. is handling in the present.

First, he notes the 1996 Telecom Act that required Regional Bell Operating Companies to “unbundle” local exchange networks to make room for telecom entrants. Rates for purchasing those exchanges were regulated, and one may have thought that telecom entrants into the market would have invested more heavily in areas with more regulation—lower rates. However, Singer points to research which reveals the opposite effect: telecom entrants invested more in states with higher rates.

ShellShock – Linux Bash Vulnerability

TransNexus software applications are not directly vulnerable to the recently announced “ShellShock” Linux Bash vulnerability, but the CentOS and RedHat Linux operating systems that host TransNexus applications are vulnerable.

Huzaifa Sidhpurwala has an excellent post on the Red Hat Security Blog that explains the vulnerability and potential attacks.  In a nutshell:

the vulnerability arises from the fact that you can create environment variables with specially-crafted values before calling the bash shell. These variables can contain code, which gets executed as soon as the shell is invoked. The name of these crafted variables does not matter, only their contents.

A post on the Redhat Blog provides the following fix.

BEFORE FIX (The following command will generate the response “OOPS”):

[ospadmin@labrat-1 ~]$ env x=’() { :;}; echo OOPS’ bash -c/bin/true

OOPS

[ospadmin@labrat-1 ~]$

 

FIX (Upgrade bash):

[root@labrat-1 ospadmin]# yum install bash

 

AFTER (No “OOPS” response to the following command):

[root@labrat-1 ospadmin]# env x=’() { :;}; echo OOPS’ bash -c/bin/true

[root@labrat-1 ospadmin]#

 

More information is available from CentOS security announcement: http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html

Telephone Spoofing Bill Introduced In Congress

In telecom networks, “spoofing” is the practice of misrepresenting the caller ID of a phone call.  It is a practice often used by criminals trying to commit telecom fraud.  On September 9, the US House of Representatives passed legislation aimed at stopping the practice of spoofing.  The bipartisan bill, HR 3670, was sponsored by Grace Meng (D-NY), Joe Barton (R-TX), and Leonard Lance (R-NJ).  The law has now been introduced in the Senate.

Currently, under the Truth in Caller ID Act of 2009, it is illegal to spoof a caller ID with the intent to conduct fraud or cause other harm.  However, it is not against the law to engage in “non-harmful spoofing.”  This could include a consumer withholding a call-back number from a company, or even a victim of domestic violence hiding their whereabouts.

Since 2009, the telecom landscape has evolved and fraudsters have developed new technology to circumvent the law.  The new legislation would “expand and clarify” the law to explicitly prohibit three new categories of calls:

  • Foreigners spoofing phone numbers when calling US consumers
  • VoIP services that enable callers to make outgoing-only calls to landline phones
  • Text Messaging

“Scammers are using technology to work around an outdated law, and the practice of spoofing needs to be stopped,” said Rep. Joe Barton in a statement.  “This bill will broaden protections for consumers by holding spoofing companies outside the US accountable, and including IP-enabled voice services.”

The Senate referred the bill to its Committee on Commerce, Science, and Transportation, but has not yet taken official action.  The bill will likely not be considered until after mid-term elections in November.

$166,000 Telecom Fraud Victim Files FCC Complaint

On September 4, 2014, the seven person architectural firm, Foreman Seeley Fountain Inc., or FSF, filed a complaint with the Federal Communications Commission (FCC) against its former telephone service provider, TW Telecom.  At the date of this post, TW Telecom is being acquired by Level3.  The complaint arose from a fraud attack in March 2014.  The FSF telephone system was hacked and fraudsters generated over 16,000 calls to Gambia running up a total bill of over $166,000.  The complaint alleges that TW Telecom aided and abetted the fraud by paying its international long distance provider for calls it knew were fraudulent.  If the FCC rules in favor of FSF it will have a major impact on the transfer of interconnect fees between carriers for calls that are determined to be fraudulent.  FSF and other telecom consumers think a positive ruling is the logical first step to stopping traffic pumping fraud.  However, some telephone service providers fear a positive ruling could make collection of interconnect settlement fees more difficult if there is not a clear standard that defines traffic pumping fraud.

Download the FCC Complaint

Carriers Block International Calls to Stop Traffic Pumping Fraud

Traffic pumping fraud to international numbers is driving more carriers to block international calling.  This telecom fraud, also known as International Revenue Sharing Fraud (IRSF) occurs when a fraudster hacks a victim’s phone system and then makes thousands of calls to an international premium rate number.  The cost of telecom fraud for the victim can exceed $100,000 (see $166,000 Traffic Pumping Fraud).

To combat this problem some carriers are blocking international calling by default.  Cox Communications blocks all calls to Gambia, Guinea, Sierra Leone, Central African Republic, Sao Tome, Seychelles, Somalia, Maldives, Azerbaijan, and Monaco unless they receive a request from the customer to dial those countries.  ANPI blocks calling to 64 countries that are known for high fraudulent activity or that are rarely called by ANPI customers.  ANPI publishes the list to its customers and will unblock calling to a country on the list if requested by a customer.

Jamaican regulator to analyze VoIP blockades

Jamaica’s Office of Utilities Regulation (OUR) said it plans to further analyse whether VoIP services can be considered as illegal bypass before deciding whether local mobile operator Lime and Digicel can continue to block VoIP applications from its networks, The Jamaica Gleaner reports. The regulator has been holding meetings with the mobile operators, as well as representatives of consumer associations. Lime and Digicel Jamaica have recently blocked a number of VoIP applications including Viber, Tango and Nimbuzz as the apps were not paying the telco’s for routing their traffic over its networks.

New Spoofing Techniques being used for Phone Fraud

WMC News is reporting a new technique being used for spoofing phone numbers for fraud.

Scam artists have accessed the decommissioned landline phone numbers of dead or canceled customers in order to “spoof” caller ID and push a credit card services scam, according to Tennessee telecom regulators.

Stacy Balthrop, deputy chief of the Tennessee Regulatory Authority’s Consumer Services Division, confirmed that telemarketers have learned how to forage for decommissioned phone numbers, program them into caller ID, then use them to solicit consumers with similar numbers.

“It is a computer program that they’re using to make those numbers similar, and we believe that it does increase the odds that the consumer will answer the phone,” she said.

One woman who contacted the WMC Action News 5 Investigators said she kept getting calls from a number two digits off of her number. The WMC Action New 5 Investigators have also heard from consumers who have received the same solicitations — and their own names and numbers have appeared on their caller ID systems.

Telecom Fraud Stops Fundraising Auction in Kansas

Hackers caused a phone outage in the Clay Center, Kansas recently, just as a local radio station was trying to raise money for a good cause.

KCLY Radio reports the outage impacted customers of Eagle Communications who use VoIP services. KCLY reports Eagle purchases services from Big River Telephone, which delivers services around the nation from its base in southeast Missouri.

Officials with Big River told KCLY their entire network was down for a while Friday because of hackers. The hackers made hundreds of millions of calls into the network, making the system unusable.

Unfortunately, the hackers hit just as KCLY was trying to conduct a day-long fundraising auction to benefit Relay for Life. They say service was out for about two hours.

AT&T Hackers Arrested in the Philippines

According to a recent fraud alert from the CFCA, six people were arrested by the anti-cybercrime police for allegedly hacking the system of American telecommunication company AT&T, causing about $24-million loss from the company, a police said Thursday.

Philippine National Police (PNP) Anti-cyber Crime Group (ACG) spokesperson Jhoanna Fabro identified the arrested suspects as Rosendo Catungal, Lani Diaz, Rommie Mondido Elmer, Liezel Feolog and Allan Villacrusis.

Three minors who were allegedly being used in the illegal activity were also arrested and turned over to the Department of Social Welfare and Development.

Fabro said three teams from ACG conducted the simultaneous operation in several areas in Luzon on Wednesday.

Catungal and Diaz were arrested in Tondo, Manila; Mondido in Longos in Malabon; the Feologs in Valenzuela City; and the Villacrusis in Angono Rizal.

PNP-ACG Chief Gilbert Sosa said among the arrested individuals was the “top most recipient of payments in dollars.”

Sosa said the operation stemmed from a complaint filed by Mark Zmigrodski, AT&T’s Global Fraud Management Organization manager requesting and seeking for police assistance, investigation and arrest of persons involved in telephone hacking in the country.
Sosa said Zmigrodski reported that on February 2011, he started noticing “large amount of unauthorized calling activity originating from the Philippines” attempting to hack the United States (US)-based business telephone systems owned by AT&T clients, the Private Branch Exchanges or PBXs.

“He initiated an investigation and started monitoring the calling activity of the intruding numbers to find out the extent of their activities from February 2011 to present. Consequently, he was able to prove and gather evidence of the intrusions over the AT&T long distance network perpetrated by an organized ring of several persons who have conspired to hack into PBX’s and use those PBX numbers as unauthorized access devices resulting in a significant loss to AT&T and its clients,” he said.

The hackers operate by making outbound calls to international toll-free numbers in the US using their land line or mobile phones, once they got through they will then dial the number of the target hacking victim.

The suspects were traced after they used their home telephone numbers for the activity.

“After dialing the targeted US telephone system, the hackers press touch tones (DTMF) on their telephone and illegally access the system in order to obtain free outbound calls,” Sosa said.

“The pattern of multiple calls with hacked PBX’s connected to their home phone lines provide probable cause that fraud is occurring from that residence. They then use the hacked PBX’s to dial high-cost international premium rate (revenue share) numbers,” he added.
The ACG chief said the illegal activity resulted a significant loss to AT&T and their corporate customers and in its wake, leaves a trail back to the hacker’s home numbers identifying the hackers involved.
Seized from the operation were desktop computers, telephone sets, routers, assorted cellphones, assorted documents, laptops, modems, assorted digital storage, digital cameras, assorted identification cards, ATM cards, and printers.

The suspects who are presently detained at the PNP ACG are facing charges in violation to Republic Act 8484 or the Access Devices Regulation Act of 1998.

$166,000 Traffic Pumping Fraud hits seven person firm

Small companies beware – telephone traffic pumping fraud has no mercy – especially for the little guys.  A seven person architectural firm in Atlanta has learned the hard way and is fighting back.  Earlier this year fraudsters hacked their phone system one weekend and generated $166,000.00 in long distance charges.  Their long distance provider, TW Telecom has a system to detect fraudulent calls, but the system was down for 44 hours.  During that time, the fraudsters repeatedly called seventeen telephone numbers in Gambia, the Maldives and Somalia.  Most small businesses do not realize that with today’s technology, fraudsters can use a single telephone to generate dozens or even hundreds of simultaneous, high cost telephone calls.

TW Telecom is threatening to sue the seven person architectural firm if they do not pay up.  In fact, the amount has now increased to $190,000 because of late fees and a disconnect fee because the firm has since switched telephone service providers.  Unlike credit card services, telephone service providers have no responsibility to protect their customers from fraud.  This business model may have made sense twenty years ago, but today’s technology takes the risk of fraud to a whole new level.  The fraud risk is greater and the techniques to protect a small enterprise phone system are more complex.  More importantly, a whole new eco-system has developed that creates a huge incentive for traffic pumping fraud.  This eco-system has two components: 1) widespread software tools that make fraudulent traffic pumping easy, 2) the proliferation of international premium rate numbers that provide a quick easy way for fraudsters to receive cash payment for their traffic pumping.

In this case, the fraud victim recognizes the telephone business model is fundamentally flawed and is fighting back to make changes that will benefit all consumers.  In the telephone business model, there must be a flow of revenue from the customer to the final network provider that completes the call to the called party.  Every network in the path of an international call must get paid something for their effort.  This is a fair and reasonable business model that encourages growth and innovation in telecom services.  However, if traffic pumping fraud is going to be stopped, the incentive for fraud must be removed.  The transfer of cash payments from the call source to the final destination – the premium rate number holder - must be stopped when obvious traffic pumping occurs to remove the incentive for fraudulent traffic pumping.  Arguing this common sense idea that criminals must not be allowed to profit is the architectural firm’s goal.  They are filing a complaint with the FCC that TW Telecom is in fact aiding and abetting telecom fraud by transferring funds for obvious traffic pumping to the next network in the chain of telephone networks that carried the call to Gambia, the Maldives and Somalia.  By making this payment, TW Telecom is in fact party to the fraud.  Like most small business owners, it sounds like these architects understand that you get paid for doing a good job and you get in trouble when you cheat customers.  But this is telecom, whether their argument will win the day with the FCC will be determined soon.  This could be a watershed moment in telecom which is being threaten by a rapidly growing problem of traffic pumping fraud.

See these links for more information:

http://www.denverpost.com/business/ci_26435343/customer-douglas-countys-tw-telecom-surprised-by-166

http://www.wsbtv.com/videos/news/local-man-says-hackers-caused-his-phone-bill-to/vCprX6/