SIP trunks and Hosted PBX or NBN Phone Systems, as with most other services and products that have internet based pass words, can get hacked and which may result in a costly end-user carrier invoice for lengthy overseas calls.

There are ways to mitigate the possibility of hackers exploiting vulnerabilities in your customer’s on-premises PBX equipment and with your Hosted PBX phone system.

It is key to  being aware of possible hacking issues and how to avoid them.

SIP Trunk hacking vulnerabilities

Below the two most common ways hackers compromise the CPE.

1. Entry through weak password security

If network users apply weak logins or passwords (ie credentials that are easily guessed by a computer program such as birthdates or sequences of numbers) the entire network may become vulnerable to hacking.

2. Entry through volume attack

Some security compromises are caused when high volumes of access requests are established by 3rd parties. These high volumes often cause the whole network to fail and waste the organisation’s money and time as it seeks for a solution.

SIP Trunk and NBN Phone System Hacking prevention

It is key to work together with your SIP Trunk and NBN Phone System suppliers to mitigate the risk of hacking. This can be achieved as follows.

1. Secure the PBX with strong system and Voice Mail passwords

On the customer’s end, network users should apply strong login credentials to prevent outsiders from easily guessing usernames and passwords. It is important to change the username and passwords frequently. So ensure you change default passwords for System access and for Voice Mail Pins and change them at least 3-6 monthly.

2. Physical security

The customer need to be educated on how to keep their hardware secure. You should ensure that your PBX and network equipment is kept secure from access from unauthorised employees or visitors to you sites. In addition to the Phone System, this includes keeping router and firewall access passwords secure.

Although suspected fraudulent services will be blocked (note: not all services on the account) at carrier level, it remains the customer’s responsibility to ensure a secure PABX.

The good news is that keeping your Phone System secure is relatively simple and painless. Like any other systems with passwords, keep the passwords secure and complex. e.g. dont use your date of Birth for example.

Hosted PBX phone Systems and NBN Phone Systems are far less prone to Hacking. We advise Customers to stay alert during the Christmas period as this is a time hackers seem more active than usual.