Businesses, Telecom discuss hackers' trail of destruction
Some of the businesses that are facing enormous Telecom bills racked up by PABX hackers in the past two months have approached lawyers to advise them on the issue of liability.
Sources confirmed this week that a number of companies are consulting lawyers to help sort out who is responsible for paying the bills.
Following the latest spate of attacks, hackers made fraudulent calls at several companies that led to individual bills amounting to N$2 million, N$700 000, N$600 000, N$300 000, N$80 000, N$45 000 and N$11 000 respectively.
Several more companies have been hacked, sources confirmed.
Telecom Namibia spokesperson Oiva Angula confirmed last week that “the first reported hacks recorded losses of up to N$6 million to local businesses” on interconnect calls.
Meanwhile, the number has increased by at least N$2 million, Namibian Sun was informed.
Angula last week said that the legal liability for the call charges rests with the customer.
On Monday, a Telecom representative said at a meeting attended by affected customers, IT specialists and service providers that Telecom would arrange individual meetings to discuss what could be done to assist them.
He emphasised, though, that Telecom was not liable, because the hackers had targeted devices at the businesses, and not Telecom directly.
One option Telecom is considering is to waive a certain amount, such as commission on interconnect calls, which would reduce the customers' bills by roughly 10%, Namibian Sun was informed.
IT specialists this week warned that “every user is at risk”, including home-owners who have installed Fritzboxes, as well as PABX clients.
It is unclear how many companies in Namibia have been hacked since January, and Telecom Namibia declined to provide an exact number, only saying it was “a few”.
Off the record, some parties have complained that this is not the first time hackers have fraudulently accessed PABX switchboard systems in Namibia.
They say service providers, including Telecom, should have implemented improved client protection options, including credit limits, and launched an awareness campaign.
A source told Namibian Sun a Windhoek based company was hacked to the tune of more than N$100 000 about a year ago.
At this week's meeting, the Telecom representative said the company had taken a number of steps to help customers identify possible hacker activity.
Telecom has blocked calls to 15 countries after suspicious call volumes were detected. Once the calls are investigated in consultation with the clients, the countries are unblocked if they are deemed safe. Cuba and Angola were among the countries that were temporarily blocked.
In terms of insurance cover, a Namibian broker says at the moment there are no policies that specifically protect businesses against cyber- or telecommunications crimes.
Such products are newly available in South Africa and Namibian insurers are looking at the options.
After this week's meeting, a list of precautions against hacking was released.
These include ensuring, with the help of PABX service providers, that systems are protected with complex PINs and passwords, and avoiding default codes. Features vulnerable to hacking should be disabled, including external call forwarding and voicemail services.
An IT specialist at the meeting pointed out that hackers “are not interested in breaking your system; they want to swindle you out of money”.
Therefore, basic precautions such as blocking outgoing calls after hours are useful precautions.
“The idea is to frustrate them. Don't be an easy target,” the expert warned.
IT specialists also advise that business owners should conduct regular risk or vulnerability checks.
Furthermore, businesses are advised to ensure they have PABX management systems in place, and should conduct regular spot checks on outgoing and incoming calls.
In addition, companies are warned that not all hacking is done from abroad. Employees or anyone else with access to a switchboard can cause havoc.
It was agreed that service providers, including Telecom, should improve customer awareness and that telecommunications companies and regulators should identify improved consumer protection strategies.
One such strategy is to provide a credit-limit service, which would function as an early-warning system.
JANA-MARI SMITH
Sources confirmed this week that a number of companies are consulting lawyers to help sort out who is responsible for paying the bills.
Following the latest spate of attacks, hackers made fraudulent calls at several companies that led to individual bills amounting to N$2 million, N$700 000, N$600 000, N$300 000, N$80 000, N$45 000 and N$11 000 respectively.
Several more companies have been hacked, sources confirmed.
Telecom Namibia spokesperson Oiva Angula confirmed last week that “the first reported hacks recorded losses of up to N$6 million to local businesses” on interconnect calls.
Meanwhile, the number has increased by at least N$2 million, Namibian Sun was informed.
Angula last week said that the legal liability for the call charges rests with the customer.
On Monday, a Telecom representative said at a meeting attended by affected customers, IT specialists and service providers that Telecom would arrange individual meetings to discuss what could be done to assist them.
He emphasised, though, that Telecom was not liable, because the hackers had targeted devices at the businesses, and not Telecom directly.
One option Telecom is considering is to waive a certain amount, such as commission on interconnect calls, which would reduce the customers' bills by roughly 10%, Namibian Sun was informed.
IT specialists this week warned that “every user is at risk”, including home-owners who have installed Fritzboxes, as well as PABX clients.
It is unclear how many companies in Namibia have been hacked since January, and Telecom Namibia declined to provide an exact number, only saying it was “a few”.
Off the record, some parties have complained that this is not the first time hackers have fraudulently accessed PABX switchboard systems in Namibia.
They say service providers, including Telecom, should have implemented improved client protection options, including credit limits, and launched an awareness campaign.
A source told Namibian Sun a Windhoek based company was hacked to the tune of more than N$100 000 about a year ago.
At this week's meeting, the Telecom representative said the company had taken a number of steps to help customers identify possible hacker activity.
Telecom has blocked calls to 15 countries after suspicious call volumes were detected. Once the calls are investigated in consultation with the clients, the countries are unblocked if they are deemed safe. Cuba and Angola were among the countries that were temporarily blocked.
In terms of insurance cover, a Namibian broker says at the moment there are no policies that specifically protect businesses against cyber- or telecommunications crimes.
Such products are newly available in South Africa and Namibian insurers are looking at the options.
After this week's meeting, a list of precautions against hacking was released.
These include ensuring, with the help of PABX service providers, that systems are protected with complex PINs and passwords, and avoiding default codes. Features vulnerable to hacking should be disabled, including external call forwarding and voicemail services.
An IT specialist at the meeting pointed out that hackers “are not interested in breaking your system; they want to swindle you out of money”.
Therefore, basic precautions such as blocking outgoing calls after hours are useful precautions.
“The idea is to frustrate them. Don't be an easy target,” the expert warned.
IT specialists also advise that business owners should conduct regular risk or vulnerability checks.
Furthermore, businesses are advised to ensure they have PABX management systems in place, and should conduct regular spot checks on outgoing and incoming calls.
In addition, companies are warned that not all hacking is done from abroad. Employees or anyone else with access to a switchboard can cause havoc.
It was agreed that service providers, including Telecom, should improve customer awareness and that telecommunications companies and regulators should identify improved consumer protection strategies.
One such strategy is to provide a credit-limit service, which would function as an early-warning system.
JANA-MARI SMITH
Comments
Namibian Sun
No comments have been left on this article