VoIP Business and Virtual PBX
Private Branch Exchange

International hackers ring up the bills

It was, consequently, quite a surprise when Sydney-based VoIP (Voice over Internet Protocol) telephony provider MyNetFone sent us a bill for $37.75 for a number of calls it claimed we had made to mobile phones and other services in those countries. The calls occurred in a matter of a few minutes on April 5 and April 8.

We immediately checked our previous accounts and discovered that in March, according to MyNetFone, we'd happily spent $41.82 ringing people in Latvia, Romania and London, as well as maintaining our mobile phone conversations with our fellow jet-setters in Macedonia and the Solomon Islands.

In December, the tech-support people at Australian Research Partnerships advised us to improve the security on our Asterisk open-source phone system, which uses the VoIP lines, because they'd heard some unpleasant stories about local businesses being charged many thousands of dollars for fraudulent calls that had been placed through their PBX (Private -Automatic- Branch Exchange) systems.

We did some checking and discovered that earlier in 2010 a Perth-based business had been hit with a bill for $120,000, after intruders had made 11,000 calls through its phone system over a 46-hour period. Somewhat chilled by the implications, we immediately made changes, with the help of Ashley Rafati at Australian Innovation Partnerships, to secure our systems.

First we locked down all the SIP extensions that make VoIP calls over an internet connection to local network addresses. That meant our server would not allow connections from external IP addresses.

We changed all our passwords to 12-character strings including lower-case and capital letters, numbers and symbols. We also made it impossible for anyone to log into our network remotely and gain what Linux users call root access to the Asterisk box, which, really, provides godlike powers.
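
One way to check the extension lockdown and password policy described above, as an added example that is not from the article: it assumes the extensions are defined in a chan_sip-style `sip.conf` with `deny`, `permit` and `secret` options, and that the last matching ACL rule wins. The peer names, secrets and sample file are constructed.

```python
import string
from ipaddress import ip_network

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)
# Constructed sip.conf fragment (chan_sip syntax); peer names and secrets are made up.
SAMPLE = """\
[general]      ; global settings, not a peer
[reception]    ; deny everything, then permit only the LAN
type=friend
secret=tR7!mQ2#vLp9
deny=0.0.0.0/0.0.0.0
permit=192.168.1.0/255.255.255.0
[warehouse]    ; no ACL and a short secret
type=friend
secret=1234
"""

def parse_peers(text):
    """Return {section: [(key, value), ...]}, keeping repeated keys in order."""
    peers, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # ';' starts a comment
        if line.startswith("[") and "]" in line:
            current = peers.setdefault(line[1:line.index("]")], [])
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current.append((key.strip().lower(), value.strip()))
    return peers

def strong_secret(secret):
    """Policy from the article: 12+ chars with lower, upper, digit and symbol."""
    return len(secret) >= 12 and all(any(c in cls for c in secret) for cls in CLASSES)

def local_only(options):
    """Assumes last matching rule wins: need a deny-all, then only RFC 1918 permits."""
    acl = [(k, ip_network(v, strict=False)) for k, v in options if k in ("deny", "permit")]
    deny_all = [i for i, (k, net) in enumerate(acl) if k == "deny" and net.prefixlen == 0]
    later = [net for k, net in acl[deny_all[-1] + 1:] if k == "permit"] if deny_all else []
    return bool(deny_all) and all(any(n.subnet_of(p) for p in RFC1918) for n in later)

def audit(text):
    """Return {peer: [findings]} for every section except [general]."""
    report = {}
    for name, options in parse_peers(text).items():
        checks = (("reachable from external addresses", local_only(options)),
                  ("weak secret", strong_secret(dict(options).get("secret", ""))))
        if name != "general":
            report[name] = [msg for msg, ok in checks if not ok]
    return report
```

Passing the text of a real configuration file to `audit()` returns an empty list for each peer that meets both conditions and a list of findings for each one that does not.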

Having done all that, when the MyNetFone bill arrived with those international charges, we checked all our logs and found no evidence of a security breach. We went through every call in the Asterisk logs. Our system had not placed the calls we were being charged for.

It seemed much more likely that someone had gained access to the username and password of our MyNetFone account and had placed the calls from a different IP address.

Someone using a Windows PC in Hong Kong had recruited our account in a thriving black market in international phone calls that the industry calls "toll fraud" and the police refer to as "phreaking".

Once a crime that affected only PABX systems and conventional phone lines, it is now being directed at small businesses and home users of VoIP services who are more vulnerable to attacks.

If someone can evade all the precautions we take to secure PCs, networks and email, anyone using VoIP is vulnerable. We'd suggest you check your security — and your phone bills — regularly. MyNetFone has a guide to internet security at bit.ly/bG7sCv.

Unfortunately, even though it interrupted that attack, MyNetFone didn't inform us of the incident right away. That meant we weren't given the opportunity to change the password and block overseas calls, so one month later, our account was attacked again.

We talked to a MyNetFone director, Rene Sugo, and recommended the company should change its system so it immediately blocks international calls on any compromised account and alerts the user. He has agreed to implement that.

As a result of the attacks, we've decided to bar international calls on our VoIP lines. We're sure our international friends are going to miss our frequent chats.

More information: Smh.com