International magazine for security engineering

Security Revue

July 4th, 2007 at 10:13

Telecommunication threats overview

Written by Ing. Radek Kummer, Telefónica O2 Czech Republic

1. THE VARIOUS PERSPECTIVES OF THE PARTICIPATING PARTIES
In the telecommunications field we encounter several categories of participating parties, whose perspectives and interests naturally differ. This applies to the commercial as well as to the security area. We encounter competing telecommunication operators, various providers of services offered and provided via telecommunication networks, state regulatory authorities, ordinary customers, large companies, and corporate clients. We should not forget to mention players whose main interest is to generate illegal profits.

1.1 THE REGULATORY AUTHORITY’S PERSPECTIVE
Regulatory authorities charged with the task of regulating the telecommunication market exist in all developed countries. Their duty is mainly to attend to the technical conditions, quality of the services provided and the regularity of competition between the individual operators. One of their duties should be to make sure that the conditions on the market do not lead to the creation of a high-risk situation, given that, after all, the commercial and technical conditions of the services provided in the regulated segments of the market are subject to their approval.

It is important to bear in mind that telecommunications represents critical infrastructure of strategic importance.

  • Endeavour to maintain competition on the telecommunication market.
  • Endeavour to protect the customers of telecommunications companies.

Diagram 1. Various perspectives

1.2 THE TELECOMMUNICATION COMPANY’S PERSPECTIVE
In the majority of cases telecommunications companies are the only ones that can ensure the security of the services provided or at least limit possible risks. The endeavour to limit possible risks begins at the point that a new telecommunications service is designed. It is necessary to weigh up the technical as well as business aspects. Even negligence in the business conditions area can result in risks caused by someone’s dishonest actions, as documented below.

  • Endeavour to protect and maximise the company’s profit, and protect the company from bad customers.
  • Endeavour to protect their own customers from various attacks in order to retain their custom and keep their good name.
  • Often participate in the realisation of services for which they must pay sub-contractors, without having the certainty of collecting money from the end customer.

The endeavour to maximise profit and the endeavour to protect customers may come into conflict at a telecommunications company. Despite this, telecommunications companies are aware of the value of their good name, which is reflected in the fact that the FRAUD detection departments (telecommunication frauds) are not focused solely on protecting these companies but also on protecting their customers. At the present time assorted products are starting to be offered that monitor the character of an individual customer’s telephone traffic according to the given customer’s settings and inform the customer of unusual increases in traffic, which makes it easier to prevent unusual situations from arising.

1.3 THE CUSTOMER’S PERSPECTIVE
The great majority of customers do not possess deeper technical education, nor can anyone expect it of them. Their main objective is to receive an uninterrupted and effective service. In most cases they cannot objectively arrange for a secure service and this responsibility thus rests with their supplier, the telecommunications company. On the other hand, in cases when it should be up to customers to arrange for the required degree of security they often lack enough will, time and education. This applies in particular to dial-up Internet access from home computers.

  • Obtain the highest quality and cheapest services
  • Obtain the safest services

1.4 THE PERSPECTIVE OF PLAYERS ATTEMPTING TO GENERATE ILLEGAL PROFITS
The character of players attempting to generate illegal profits is incredibly varied. It ranges from individuals through to organised groups often operating from overseas, as well as companies. Individual operators can also show signs of wanting to participate in irregular and dishonest illegal actions.

It tends to be very problematic to apprehend foreign illegal players, which is why telecommunications companies in most cases satisfy themselves with blocking attacks, introducing measures aimed at detecting these illegal players as quickly as possible and keeping their foreign colleagues mutually informed and warned.

  • Endeavour to find gaps in the security measures employed by telecommunications companies and their customers, and to profit from them.
  • Leave as few traces as possible.

2. FUNDAMENTAL THREAT CLASSIFICATIONS
Threats connected with telecommunications may be associated with the actions of various attackers (players attempting to generate illegal profits) as well as with deficiencies in the technologies employed. Some threats will be threats for telecommunications companies, whereas others will be threats for their customers. But it is also good to stop and realise that such a perspective may, from a global viewpoint, be rather shortsighted. On the one hand, if telecommunications companies say that threats endanger their customers and not them directly, they can easily lose their customers. On the other hand, if a company takes the stance that threats solely endangering telecommunications companies are their problem it must count on the fact that honest customers will, in the end, cover the ensuing losses.

The following list does not aim to be 100% complete, instead merely focusing on the most characteristic examples.

Diagram 2. Basic classification of telecommunication threats

2.1 TECHNOLOGICAL THREATS
In the wider sense we can label most telecommunication threats as technological threats. At this point, however, we will discuss the threats ensuing from the technologies themselves, without the presence of any malicious intent. These threats are mainly associated with the corporate clientele of telecommunications companies and can lead to large losses.

Diagram 3. Technological threats

2.1.1 LONG NON-DISCONNECTED CALLS
This threat is associated with private branch exchanges used by various companies and organisations. In some cases what can happen is that a subjectively terminated call is not disconnected by the private branch exchange properly, or is held without the participant’s knowledge. Such a call may actually remain “connected” for a number of days. And in the event of an international call this could result in a major loss.

Example 1

Customer “A”. A long call to Belgium from 12.12.2006 till 21.12.2006. The final price of the call was over CZK 59,000.

Countermeasures:

On the part of the customer it is necessary to put in place the proper administration and supervision over the equipment used. On the part of the telecommunications company monitoring of long calls is needed, especially those to expensive destinations.

2.1.2 CALL SEQUENCES
Many companies employ telecommunication as part of their technology. This typically involves companies providing various security services, which use technology to provide a link between guarded locations and their central supervision counters.

Other companies use dial-up telephone connections to transmit data between their head office and branches, often using international calls. If this communication is set up incorrectly it can result in long sequences of short calls being generated.

Example 2

Customer “W” May 2006. Branch of an English company. A series of one-second calls made to foreign destinations was detected. The customer is contacted and alerted to these unusual calls. At the beginning this customer claims that all is in order, but when he receives the telephone bill he tries to make a claim. The damage is approx. CZK 170,000.

Countermeasures:

On the part of the customer it is necessary to put in place the proper administration and supervision over the technology used. On the part of the telecommunications company detection of regular call sequences is needed. This is complicated by the fact that this could be conscious behaviour on the customer’s part: without being in contact with the customer it cannot generally be determined what is in fact happening.
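The two operator-side checks from sections 2.1.1 and 2.1.2, long calls to foreign destinations and regular sequences of short calls, as an added Python sketch (not code from the article or from any operator's system). The record layout, thresholds, phone numbers and the assumption that the switch also reports calls still in progress are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import median
from typing import Optional

HOME_PREFIX = "+420"              # Czech numbers count as domestic here
LONG_CALL = timedelta(hours=4)    # assumed alert threshold for a single call
SHORT_CALL_S = 5                  # assumed upper bound for a "short" call
MIN_RUN = 10                      # assumed minimum number of calls in a sequence
JITTER = 0.10                     # assumed tolerance around the median gap


@dataclass(frozen=True)
class Call:
    line: str                     # originating line
    dialled: str                  # dialled number, international format
    start: datetime
    end: Optional[datetime]       # None = still connected at the switch


def is_foreign(number):
    return number.startswith("+") and not number.startswith(HOME_PREFIX)


def long_calls(calls, now, limit=LONG_CALL):
    """Foreign calls connected for at least `limit`, including open ones.

    A call the PBX never released has no final record, so open calls are
    measured against `now` instead of waiting for an end time.
    """
    hits = []
    for c in calls:
        elapsed = (c.end or now) - c.start
        if is_foreign(c.dialled) and elapsed >= limit:
            hits.append((c.line, c.dialled, elapsed, c.end is None))
    return hits


def call_sequences(calls, short_s=SHORT_CALL_S, min_run=MIN_RUN, jitter=JITTER):
    """Lines producing many short foreign calls at near-constant intervals."""
    per_line = defaultdict(list)
    for c in calls:
        if c.end is None or not is_foreign(c.dialled):
            continue
        if (c.end - c.start).total_seconds() <= short_s:
            per_line[c.line].append(c.start)
    hits = []
    for line, starts in per_line.items():
        if len(starts) < min_run:
            continue
        starts.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(starts, starts[1:])]
        mid = median(gaps)
        regular = sum(1 for g in gaps if abs(g - mid) <= jitter * mid)
        # Equipment redialling keeps a steady rhythm; a person retrying does not.
        if mid > 0 and regular >= 0.8 * len(gaps):
            hits.append({"line": line, "calls": len(starts), "period_s": mid})
    return hits


def sample_calls():
    """Constructed records: one stuck call, one redial loop, ordinary traffic."""
    day = datetime(2024, 3, 4, 8, 0)
    calls = [
        # Call to Belgium (+32) that the PBX never disconnected
        Call("A", "+3225550100", day - timedelta(days=3), None),
        # Ordinary domestic and foreign calls
        Call("B", "+420225550111", day, day + timedelta(minutes=7)),
        Call("B", "+49305550122", day + timedelta(hours=1),
             day + timedelta(hours=1, minutes=12)),
    ]
    # Misconfigured data link: a one-second call every two minutes
    for i in range(30):
        s = day + timedelta(minutes=2 * i)
        calls.append(Call("W", f"+4420555010{i % 3}", s, s + timedelta(seconds=1)))
    # A person retrying a busy number at irregular times
    for m in (3, 4, 19, 47, 48, 90, 200, 201, 330, 331, 332):
        s = day + timedelta(minutes=m)
        calls.append(Call("C", "+49305550133", s, s + timedelta(seconds=3)))
    return calls


if __name__ == "__main__":
    data = sample_calls()
    print(long_calls(data, now=datetime(2024, 3, 4, 18, 0)))
    print(call_sequences(data))
```

A hit from `call_sequences` only says the traffic looks machine-generated; whether it is intended still has to be settled with the customer.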

2.2 CRIMINAL THREATS
In this section we shall discuss threats associated with the activities of players endeavouring to generate illegal profits. These can use various technological means, but do not shy away from traditional frauds and various manipulative means. These threats present a risk for telecommunications companies as well as for their customers.

Diagram 4. Criminal telecommunications threats

2.2.1 THREATS ENDANGERING THE CUSTOMERS OF TELECOMMUNICATIONS COMPANIES
This section shall mainly analyse the threats directly afflicting the customers of telecommunications companies, even though they can, in some cases, either directly or indirectly by way of a loss of a company’s good name, place the actual telecommunications companies at risk.

Insubordinate employees

Employees can cause their companies major losses by calling expensive destinations from work phones. A solution to this is a corporate private branch exchange in which the possibility of calling expensive destinations depends on the employee’s position at the company, or paying for a service offered by the relevant telecommunications company that monitors the call profile. Telecommunications companies do monitor any unusual increases in call charges during the billing period and relate them to the given customer’s payment discipline to date, but in the case of corporate customers these increases may be under the threshold of interest.

Example 3

An ever-recurring situation, mainly in audio-text services. Problems are often caused by security guards or entities who rent from a corporate customer. If a telecommunications company has a detection system duly operating then firms are contacted within a relatively short time and the loss does not tend to exceed thousands of Czech crowns, even though the situation in the case of data audio-text can be worse (hourly rate of up to CZK 4000).

Countermeasures:

On the part of the customer use should be made of private branch exchanges with the possibility of a blocking of various destinations differentiated according to the individual switches or a blocking of audio-text and data audio-text at telecommunications companies.

On the part of the telecommunications company, detection of unusual increases in specific directions and contact with the customer.

Splicing into telecommunication cabling

An old problem encountered by the operators of fixed networks. The fixed line network contains hundreds and even thousands of kilometres of metallic cabling linking the telephone exchanges with the end users. Along this route are a number of telephone switchboards. It would be extremely costly and almost physically impossible to reliably secure these cables against third-party interference.

This situation presents an opportunity to perpetrators, who mechanically splice into the cabling and are then able to make calls free of charge. Public telephones are becoming a frequent target of these attacks, in which case the telecommunications operator itself is at risk.

Splicing into cabling can be a mere means to commit a more sophisticated criminal activity. An example of this can be the so-called audio-text or premium rate services. The principle employed is that information or other services are provided in a dedicated part of the number plan at a higher telephone rate. The telecommunications operator collects money from its customers and remits a certain amount to the provider of the given service. The provider of such a service is then interested in having the highest rate of traffic. Some dishonest operators are then capable of going so far as to generate such traffic at the expense of a third party. In the beginning this was achieved using automated telephone traffic generators. After implementation of the relevant countermeasures a case was detected that covered a larger geographical area, with splicing into telephone switchboards and traffic generated in small volumes from a large number of assorted telephone lines.

Example 4

In June 2005 customer “S” arranges with the former ČESKÝ TELECOM a. s. for the installation of 3 audio-text lines with a per minute rate of CZK 70. In the beginning these lines have negligible incoming traffic volumes. In September 2005 a significant increase in this traffic is noted. An analysis of the traffic shows that this traffic is in the form of regular series of nighttime calls, always from one or two telephone numbers connected into one telephone switchboard. The locations from which these calls were made are spread throughout the entire Vysočina region. The damaged customers submit claims pertaining to their bills. The absolute majority of these claims were honoured and the case ends with the filing of a criminal complaint. The damage is calculated to be around CZK 240,000.

Countermeasures:

If the call traffic on a telephone line does not increase in an unusual manner a telecommunications company cannot notice any discrepancies. In the event of claims being made local investigations are conducted in order to determine possible splicing.

As regards the above-mentioned case with the audio-text operator, the total of incoming calls for audio-text operators is monitored, with any unusual increases being subjected to individual analysis.
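The monitoring described for Example 4, first an unusual increase in a service's incoming traffic and then an analysis of where that traffic originates, as an added Python sketch that is not the operator's own tooling. The thresholds, the definition of night hours, the tuple layout and the line-to-switchboard inventory are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

NIGHT_HOURS = {22, 23, 0, 1, 2, 3, 4}    # assumed definition of night-time


def unusual_increase(daily_minutes, factor=5.0, floor=30.0):
    """True if the last day exceeds `factor` times the median of earlier days.

    `floor` keeps a nearly silent service from alerting on a handful of calls.
    """
    *history, today = daily_minutes
    baseline = max(median(history), floor)
    return today > factor * baseline


def origin_profile(calls, switchboard_of):
    """Summarise where the incoming traffic of one service comes from.

    calls: iterable of (origin_line, start, duration_s)
    switchboard_of: origin_line -> switchboard id, taken from the line inventory
    """
    lines_at = defaultdict(set)
    total = night = 0
    for line, start, duration_s in calls:
        lines_at[switchboard_of.get(line, "unknown")].add(line)
        total += duration_s
        if start.hour in NIGHT_HOURS:
            night += duration_s
    return {
        "origin_lines": sum(len(v) for v in lines_at.values()),
        "switchboards": len(lines_at),
        "max_lines_per_switchboard": max((len(v) for v in lines_at.values()),
                                         default=0),
        "night_share": night / total if total else 0.0,
    }


def matches_reported_pattern(p, min_switchboards=5, max_lines=2, min_night=0.9):
    """Night-time calls from one or two lines at each of many switchboards."""
    return (p["switchboards"] >= min_switchboards
            and 0 < p["max_lines_per_switchboard"] <= max_lines
            and p["night_share"] >= min_night)


def sample_suspect():
    """Constructed traffic: 8 switchboards, 1 or 2 lines each, calls after 01:00."""
    calls, switchboard_of = [], {}
    for sb in range(1, 9):
        for n in range(1 + sb % 2):
            line = f"line-{sb}-{n}"
            switchboard_of[line] = f"SB{sb:02d}"
            start = datetime(2024, 3, 5, 1, 0) + timedelta(minutes=5 * sb)
            calls.append((line, start, 1200))
    return calls, switchboard_of


def sample_ordinary():
    """Constructed traffic: 12 callers spread over the day, equally dispersed."""
    calls, switchboard_of = [], {}
    for i in range(12):
        line = f"cust-{i}"
        switchboard_of[line] = f"SB{i:02d}"
        calls.append((line, datetime(2024, 3, 5, 10 + i, 0), 300))
    return calls, switchboard_of


if __name__ == "__main__":
    print(unusual_increase([4, 6, 3, 5, 4, 7, 5, 240]))
    for sample in (sample_suspect, sample_ordinary):
        profile = origin_profile(*sample())
        print(sample.__name__, profile, matches_reported_pattern(profile))
```

Geographic dispersion alone does not separate the two samples; the night-time share does, which is why the profile keeps both.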

Hacking of private branch exchanges

This is a dangerous form of criminality, often having an international character. Modern branch exchanges may be perceived as special communication equipment with a large number of functions. This equipment requires specially trained service personnel for its administration and allows for remote administrator access over the telephone network.

This access for administrative purposes over the telephone is a stumbling block. There are illegal operators who scan telephone number ranges and look for such access. After locating the access these operators then try to hack into this access, which is made easier by the fact that many administrators retain the original password pre-set by the supplier or use an inadequate password.

Many branch exchanges can and do have administrator access via a data network. Then the act of taking control of such a branch exchange is a case of traditional computer hacking.

After the hacking of the exchange incoming calls are re-routed to certain foreign switches. When the hacking is conducted from abroad, this amounts to saving part of the connection charges on expensive routes. In this case, for example, a call placed from Brussels to some Asian country is made at the rate charged for a call made to the Czech or Slovak republics. The difference in the rates is then paid by the entitled owner of the branch exchange.

Because the perpetrator of this criminal act is abroad, recourse against this situation is very difficult and beyond the normal possibilities of the state authorities (courts, police) of the relevant states.

Example 5

  • In the third week of December 2001 an unusual international traffic was noted in the case of one of the significant customers of the former ČESKÝ TELECOM a. s. A more detailed analysis of the situation confirmed the suspicion that customer “M’s” branch exchange had been attacked.
  • Telecommunication traffic to Nepal, Senegal, Pakistan, Nigeria, India, Syria, Iran, … detected.
  • The customer is contacted and is “shocked”.
  • The private branch exchange is attacked via remote access service (RAS).
  • Telecom’s technicians are able to ascertain that 90% of the traffic into the network of ČESKÝ TELECOM a. s. originates from the Aliatel network, with the remaining traffic originating from the networks of other operators (GTS, … ).
  • Belgacom, the foreign partner, confirms that the calls originated in Belgium and the Netherlands. They detect frequent calls made by the users of calling cards issued by an operator called TRITONE.
  • A loss of CZK 3.8 million was suffered. What followed was the development of a realtime detection aid for detecting attempts to attack private branch exchanges from the telephone network.

Countermeasures:

On the part of the customer it is necessary to secure administrator access to private branch exchanges (often it is discovered that the original passwords preset by the manufacturer were retained).

On the part of the telecommunications company specific detection filters must be implemented, which must however work with realtime data, which makes the solution expensive. If fast detection of the attacks is implemented, it can be expected that this will deter particularly organised foreign attackers and they will withdraw.

Diallers

By their essence diallers can be classified among malware and are a classic example of the crossover of classic computer and telecommunication criminality. Lately diallers have started to encroach on the area of advanced mobile telephones, which have their own operating system, often modified using MS Windows.

These are programmes that are automatically installed onto a computer once certain websites are visited, and subsequently divert the dialed-up telephone connection either abroad or to a special part of a telephone number plan designated for so-called premium rate services (in audio-text in the Czech Republic). In some countries (e.g. the Czech Republic) a different part of the telephone number plan may be designated for data premium rate services than for voice premium rate services. Some forms are capable of independent, covert, recurring dial-up connection.

In the case of mobile telephones the dialler program is also spread via the dangerous Bluetooth connection.

In the Czech Republic the rates for such dialled-up data connections may go as high as CZK 4000 per hour.

Generally, a difference is made between so-called honest and dishonest diallers. The “honest” diallers should clearly notify the user prior to installation of what will follow, which (in ideal cases) should include the price of the connection.

With the advent of ADSL connections this problem is on the wane, but we still cannot let it out of our sight. The irony is that users of ADSL connections can become dialler victims if they retain their dial-up connection in order to be able to receive faxes over the phone.

Example 6

Despite the fact that customers are gradually switching to ADSL connections, we could give countless examples. But they all have one thing in common: from the perspective of the telecommunications company it cannot be distinguished whether the customer switched to an expensive connection of his own free will or whether he was the victim of fraudulent routing. The error also clearly lies in the rules reigning on the market (e.g. data audio-text is provided by several telecommunications companies in the Czech Republic). But the relevant regulatory authority is also responsible for these rules.

Countermeasures:

On the part of the customer it is necessary to put in place thorough protection of the equipment against malware and avoidance of suspicious Internet websites (generally those offering erotic content and mp3 downloads). Another security measure that can be employed is to block data audio-text with the telecommunications company. As a rule, it is no longer acceptable to block calls to other countries.

On the part of the telecommunications company, unusual increases in call charges should be monitored and, in the worse cases, the customer contacted and the situation verified (given the large number of cases of this type not all the customers can be contacted).

Spam, social engineering

Just as there is spam distributed via e-mail, there is also spam distributed via telephones. It can take the form of various product offers, political advertising or a classic con. Often, analogously to Internet spam, automated systems are used to distribute it. It is often associated with a manipulation of the caller’s number in order to conceal the identity of the spam’s source. Customers of telecommunications companies often view such calls as bothersome and telecommunications operators try to block them as far as their capabilities allow (this is not possible if the caller’s identity is fully deleted).

There are also links with social engineering. In this case this involves a mass calling campaign aimed at communicating matters such as false information about a fictitious win (in a lottery, etc.) or a discount on some product (holiday abroad), with an invitation to call a premium rate service (voice audio-text) to obtain further information. Upon calling this premium rate service the caller then spends several minutes only to find out that he has actually not won anything. The losses suffered by the end users in such a case can reach several hundred Czech crowns.

Example 7

In 2005 several cases of this type were recorded in the Czech Republic, involving the mass calling of the customers of the former ČESKÝ TELECOM a. s. from the USA, with the premium rate service number being in the network of the alternative operator of a fixed telephone network.

Countermeasures:

The character of attacks from abroad shares some common attributes with the attacks on branch exchanges. If the caller can be identified well then the telecommunications company can block this caller.

Tapping of telecommunications traffic

Official taps conducted at the request of state authorities are performed on telephone exchanges and are thoroughly monitored and recorded. This concerns both the mobile and fixed networks. Besides these legal taps there are also illegal taps.

As far as fixed networks are concerned, taps are conducted by connecting into the metallic telephone cabling, with protection on a general basis being very difficult.

As far as mobile networks are concerned, analogue first generation networks can be tapped. Offers of the appropriate equipment allowing such taps to be conducted can be found on the Internet (e.g. see here [2]). This equipment should also be effective in tapping into handsfree telephones.

GSM networks should be secure against illegal phone taps. Communication between a mobile telephone and a base station is encrypted, and furthermore taps should not be physically possible.

The new VoIP telephony also allows taps, using the technique of DNS poisoning.

Mobile telephones are the medium used for taps

Mobile telephones may, in principle, be misused to operate as phone tapping equipment. If we select from the products normally available on the market, then we can buy at [2] two models of mobile telephones supplemented with a special programmable chip allowing this telephone to be transformed into an effective means of tapping someone. If someone calls this telephone from a given telephone number a telephone connection will be established without any sign being registered on the telephone, i.e. no ringing tone, vibrations or change in the telephone’s display. In all other respects such a mobile telephone behaves just like any other mobile phone, i.e. it can be used to make and receive calls. But such equipment is not so dangerous. First it must be somehow forced upon the victim of the phone tap. Nevertheless, technology is constantly going forward and today’s mobiles (or, more precisely, communicators) are fully-fledged computers with their own operating systems and their own malware (see the problems of diallers). This means that the final result is that no special chips need be installed …

Of course it is possible to raise the objection that such a tap, and with it the party conducting this tap, may be identified with the help of the incoming calls list. But even this is little solace, at least at a time of prepaid telephone cards without a credible record of their holders and at a time when the transmission of caller ID between telecommunications operators is not compulsory - see the chapter on general threats.

2.2.2 THREATS ENDANGERING TELECOMMUNICATIONS COMPANIES
These are threats that need not concern the individual customers of telecommunication companies, but may nevertheless represent fundamental problems for the companies themselves.

Traditional threats

In this section we can include traditional problems, whose equivalents will also show up in other business fields. This includes the non-payment of bills or the establishment of telephone lines under a forged identity.

Threats endangering customers also pose threats for a telecommunications operator

As has already been stated above, threats endangering the customers of telecommunications companies eventually endanger these companies too. This involves a dangerous loss of confidence on the part of the customers and a subsequent loss of customers.

Battle between telecommunications companies

The battle between telecommunications operators is not always a legal and fair one. In this area we can mainly encounter the illegal interconnection of telecommunications networks in order to avoid the need to conclude interconnecting agreements.

Example 8

Often, however, it is possible to encounter unexpected effects ensuing, for example, from the business policies of telecommunications operators. In 2006 such a novelty came to the fore. This involved the use of a telecommunications company’s tariff program enabling the user to make weekend calls for free and without limitation for a certain fixed payment. Another competing company offered its customers a direct monetary share for incoming traffic from the competition, i.e. a share of the interconnecting fees. The result of this was the uncovering of a customer having a telephone connection with both companies, who used automated means to generate a large volume of traffic for a lump sum into the network of the company providing a direct monetary share of the incoming traffic from the competition. Due to the fact that every telecommunications company is obliged to offer all of its partners the same business conditions, this situation had to be resolved by the regulatory body.

Countermeasures:

An analysis of the traffic with the competition, surmising the business conditions. As far as security against illegal interconnecting of communications networks is concerned, this is a very extensive issue that is beyond the scope of this contribution.

2.3 GENERAL THREATS
In this section it is possible to include threats that need not have a direct economic impact, but may make life unpleasant. This includes the problems associated with the manipulation of telecommunications signaling, particularly manipulation of the caller’s ID.

With the increased popularity of VoIP telephony new specific threats are also appearing at the border between the traditional IT world and telecommunications.

Diagram 5. General threats

Change in caller ID

The identification of telephone calls is transmitted between telecommunications operators and also between individual telephone switchboards with the help of specialised signaling protocols. This signaling can be interfered with at the level of telecommunications operators to change such things as the data identifying the calling telephone station.

On the Internet you can find sites [1] offering this option for a fee. This service is only offered in the US and should be under the supervision of local statutory authorities. There will of course be more such offers and not all of them will be at an official level and under the supervision of state bodies.

Diagram 6. Internet offer of a card giving the ability to change one’s caller ID

Missing caller ID

Telecommunications companies are not at present obliged to preserve the identity of the calling party in the course of the mutual transmission of telecommunications traffic. From the aspect of clearing this is not material. But problems arise if authorities active in criminal proceedings, or the customer concerned, call for a statement of the incoming traffic for a given telephone line. In such a case the telecommunications operator is often unable to provide more information than which competing operator the call had originated from.

As has been noted above, missing caller ID is also a problem when trying to block voice spam. Bothersome mass calls originating from abroad and lacking caller ID cannot be blocked. This is because of the fact that it is not possible to block all incoming traffic originating in England without identifying the caller.

In the end, this situation is not satisfactory for telecommunications companies. Often calls without caller ID are also related in some way to other telecommunications frauds.

The risks of VoIP telephony

VoIP (Voice over IP) telephony is now becoming a strong competitor for mobile and fixed telephone networks. All a customer needs in order to use VoIP telephony is high-speed Internet access and he can make calls without needing to have a traditional telephone connection, whether from a mobile or fixed network operator. Companies operating VoIP telephony may also offer message and file transmission services. Even though special hardware is offered for the purpose of making phone calls (VoIP telephones enabling calls to be made without using a computer), VoIP telephony tends to be used via a computer. Unlike traditional telecommunications protocols (such as SS7), the protocols for VoIP telephony tend to be proprietary and closed, even though this is not so in all cases.

The following risks ensue from the above:

  • The SW for VoIP telephony can become the gateway for controlling and misusing a computer. For example, in 2006 a warning was published of the danger of Skype being misused to cause a DoS attack [3]. The closed nature of the protocol also prevents the content of communication from being monitored, which is the reason why many companies have decided to block Skype.
  • The weaknesses inherent in the Internet environment are becoming VoIP telephony’s weaknesses. One example is the possibility of misusing DNS poisoning, which can lead to communication being tapped.

The spectrum of possible threats to VoIP is of course wider. A possible taxonomy can be found on the pages of the Voice over IP Security Alliance (VOIPSA) [4]. The factuality of the threats stipulated therein is of course dependent on the services implemented and offered. What is clear, however, is that the possibilities offered by the VoIP platform are wider than merely voice transmission. The individual potential threats will be realised according to how these possibilities are fulfilled and according to how the companies offering VoIP communication approach the issue of securing their products.

3. A SHORT LOOK BACK INTO HISTORY (EXTINCT AND DISAPPEARING THREATS)
The emergence and persistence of specific threats is associated with the technologies employed and consists in exploiting their weaknesses. Individual threats can become extinct as technologies develop and change. Several examples of such extinct and disappearing threats are given below.

Diagram 7. Extinct and disappearing threats

Winding back the counters at telephone exchanges

At the present time, in cases where the customer does not pay for services by way of a tariff, the telecommunications traffic is cleared on the basis of detailed records of the customer’s traffic. But this was not always the case. Earlier, when only analogue exchanges existed, billing was conducted by reading the analogue impulse counters. This principle was subject to attacks by the exchange’s service personnel, who could wind back the counters so that the change from the last reading would be minimal. This activity was related to the pre-sale of telecommunication traffic especially within one of the ethnic communities in the Czech Republic and thus, until the time that the problem was uncovered, it caused the former fixed line operator hundreds of millions of crowns of losses.

Falsification of phone cards used in payphones

The original phone cards were essentially simple memory cards, from which the call units used were deducted. This led to the wide-ranging production of so-called infinite phone cards.

This problem practically ceased with the implementation of so-called chip cards equipped with a sophisticated security mechanism (Eurochip 2).

Call houses

This is an organised form of telecommunications fraud. It is often international in character and involves the establishment of an unauthorised large-capacity connection without paying for the service and the presale of telecommunications traffic. It is used mainly for calls made to foreign destinations. The only effective means of protection from call houses is to detect any increase in traffic as fast as possible and to disconnect the suspicious connection with equal speed. This fraud can result in millions of crowns of losses in a single day. Despite the danger posed by this fraud, it is now practically non-existent - this is due to the fact that the ever shorter response times of detection systems employed by telecommunications companies have practically suppressed this type of fraud activity.

Example 9

Two ISDN30 connections were installed for customer “T” in June 2004. Then, at the start of July, a large increase in calls to Cuba was detected. An inspection was made at the place where the ISDN30 connections had been installed, and it was discovered that no one seemed to be in the apartment (blacked-out windows, no one opening the door), while the connections still registered intense traffic to Cuba. After two days, when the volume of the calls made reached CZK 500,000, the ISDN30 connections were disconnected and contact was made with the police and the customer’s executive director. The executive director was surprised that the connection had been cancelled. It was subsequently discovered that a high-speed Internet link from another operator had been connected in the apartment, and that the apartment was being used to switch calls transmitted via the Internet to the fixed network, which is in breach of the telecommunications act. An installment invoice was handed to the executive director of customer “T”, who is an Israeli citizen, but this invoice was not paid. The resulting loss amounted to roughly CZK 670,000. Had the operator not made a timely intervention, and had the traffic continued for the duration of the billing period, the damage would have amounted to many millions of crowns.

Countermeasures:

Monitoring unusual increases in calls made to foreign destinations and, in particular, high call charges in the case of newly established connections.
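The countermeasure above, sketched as detection logic over call detail records. This is an added example, not part of the original article; the record layout, the thresholds and the sample traffic are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# All thresholds are assumptions for illustration, not values from the article.
NEW_LINE_AGE = timedelta(days=60)   # a connection counts as "new" this long
WINDOW = timedelta(hours=24)        # rolling window over which charges are summed
LIMIT_NEW_CZK = 20_000              # foreign-call charge limit for new connections
LIMIT_OLD_CZK = 100_000             # limit for established connections
HOME = "CZ"

def detect(cdrs, installed):
    """Return {line: (alert_time, window_charge)} for the first breach per line.

    cdrs: time-ordered iterable of (line, start_time, dest_country, charge_czk).
    installed: {line: installation datetime}.
    """
    windows = defaultdict(deque)    # line -> (time, charge) records inside the window
    totals = defaultdict(float)     # line -> summed charge inside the window
    alerts = {}
    for line, ts, dest, charge in cdrs:
        if dest == HOME or line in alerts:
            continue                # only foreign traffic; one alert per line
        win = windows[line]
        win.append((ts, charge))
        totals[line] += charge
        while win[0][0] <= ts - WINDOW:          # expire records older than the window
            totals[line] -= win.popleft()[1]
        is_new = ts - installed[line] < NEW_LINE_AGE
        if totals[line] > (LIMIT_NEW_CZK if is_new else LIMIT_OLD_CZK):
            alerts[line] = (ts, totals[line])
    return alerts

def sample():
    """Constructed data: a new ISDN30 line with a burst to Cuba, an old line in normal use."""
    installed = {"T-isdn30": datetime(2004, 6, 15), "old-line": datetime(2001, 3, 1)}
    t0 = datetime(2004, 7, 1, 8, 0)
    cdrs = [("T-isdn30", t0 + timedelta(minutes=10 * i), "CU", 1_800.0) for i in range(40)]
    cdrs += [("old-line", t0 + timedelta(hours=3 * i), "DE", 900.0) for i in range(10)]
    cdrs.sort(key=lambda r: r[1])
    return cdrs, installed

if __name__ == "__main__":
    for line, (when, total) in detect(*sample()).items():
        print(f"{line}: {total:.0f} CZK to foreign destinations in 24h, alert at {when}")
```

With the lower limit applied to new connections, the constructed burst is flagged within two hours of starting, which is the response-time effect the article credits with suppressing this fraud.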

4. PROSPECTS
The prospects are related to changing technological conditions and telecommunications companies’ changing business policies.

In the technical area this mainly concerns the arrival of VoIP (Voice over IP) telephony.

From the business aspect it can be expected that telecommunications companies will try to make the move from being mere providers of a “connection” to being content providers. At the present time this mainly involves the distribution of a TV signal and the lending of films via an ADSL connection.

On the other hand, the companies that had previously only provided cable TV services have started to provide Internet access as well as voice telephone services.

Thus, in overall terms, the border between the traditional IT field and telecommunications will become blurred, with combined threats being discovered. This will, among other things, be determined by the fact that normal computers will be utilised to a greater degree for voice communications, while, conversely, mobile telephones will increasingly take the form of communicators. The emerging VoIP technology will be affected by weaknesses in the Internet environment.

REFERENCES

[1] http://www.sppofcard.com/
[2] http://www.advanced-intelligence.com/
[3] http://www.techworld.com/security/news/index.cfm?NewsID=5232&inkc=0
[4] http://www.voipsa.org/Activities/taxonomy-wiki.php
