Forwarded from: "Bill Scherr IV, GSEC, CGIA" <bschnzlat_private> http://www.seacoastonline.com/news/rock/11292002/news/777.htm By Jason Schreiber newsat_private November 29, 2002 RAYMOND - A Raymond company has uncovered an unusual telephone-hacking scheme that could cost businesses big bucks when they get their phone bill. John Laurence, owner of Telephone Systems Consultation and Maintenance, said his company has discovered that hackers are breaking into business voice-mail systems to make long-distance calls and send numerical codes to the Philippines. Company technicians have spent the last few weeks helping businesses repair their voice-mail systems after they were hit. The phone systems being attacked are all a brand made by Panasonic, Laurence said. The problem was first discovered when Laurence's company, which sells and installs telephone and voice-mail systems for businesses here and across the country, began receiving calls from clients reporting that their voice mail wasn't working properly. Some businesses have discovered problems when they attempt to retrieve messages but find their voice-mail is not accessible. After investigating the complaints, Laurence said his company found several cases where someone, presumably a hacker familiar with phone systems, managed to call businesses at night and alter their voice mail systems by creating a new mailbox that the person could then use to dial long-distance phone calls from an unknown location. Many of the bogus calls from business voice mail systems were made to the Philippines, Laurence said. Technicians haven't been able to trace the location where the calls from the hacker originated, nor do they know to whom the overseas numbers that were called belong. All of the long-distance calls are being billed to the affected businesses, said Laurence, who urged employees in charge of handling company phone bills to closely examine their bills. Some businesses may not be aware that their voice mail systems have been hacked into. "This could be happening to a lot of businesses across the country. This has happened to us several times over the past two weeks, so I can just imagine the volume of this that could be happening around the country," said Laurence, adding that companies should make sure that their phone systems are password-protected to make them less vulnerable. Laurence's company has a customer base of 600 businesses in New England and 1,000 more in other parts of the country. He said customers as far west as California have reported problems with apparent voice-mail hacking. Chris Goodrow, a senior technician for the Raymond phone company, said the hackers have also found a way to change the voice-mail programming so that it can forward voice mail messages from the company's system to the Philippines. For instance, he said some businesses have discovered strange voice mail messages that include what appear to be numerical codes followed by the voice of a person speaking just a few words in an unknown foreign language. EOS Research in Portsmouth is among the growing number of businesses attacked by the phone hackers. Ron Gehl, the company's president, said the problem was detected when employees noticed that one of the company's many phone lines appeared to be in use even though no one in the building was using that line. "Something was picking up the line and placing what seemed to be a brief call. After investigating, we found the voice mail was up to something. We unplugged the voice mail device and the problem seemed to go away," Gehl said. Technicians researched the problem and found that the voice mail system had been attacked. "Whoever hacked into it had established a new voice mail account which automatically was going out and repeatedly dialing long-distance numbers overseas and was transmitting numerical messages," Gehl said. Gehl said some of the voice mail box accounts were not protected by a password and he believes that was how the hacker was able to get into the system. Now, he said, all of the company's voice mail accounts are password-protected. Businesses need to be aware of the problem before they become victims too, Gehl said. People usually try to make sure their computers are protected from hackers, Gehl said, but now they must worry about their phone system. "I would certainly recommend that folks consider this as a potential target of a hacker. It may not be the first thing that comes to mind. Here's just another device that's essentially opened to the outside world in some form or another," he said. "I would simply recommend people look into the security of what their current voice mail system is and if it appears there may be a way to break into it, there may be steps to additionally secure it." Authorities say it's the first time they've heard of such a phone-hacking scheme. Raymond Police Chief David Salois said that because the case involves several businesses in different states, the FBI would be an appropriate agency to launch an investigation. Salois said he put Laurence in touch with an FBI agent. "I've never heard a thing about it," said Mike Bahan, chief criminal investigator for the state attorney general’s office. Bahan referred calls on the matter to the FBI. While Laurence's company is in Raymond, no crime has actually occurred in that town because the businesses hit by the hackers are located in other parts of the state and country. "A crime could be where the call originated from and also where the theft took place, in this place at the company. The theft would be considered the cost of the phone call," Salois said. Whether the case is ever prosecuted really depends on the dollar amount attached to the illegal long-distance calls, said Jay Grant, a spokesman for the FBI's Boston office. At this point no one knows the cost of all the calls made by the hackers through different businesses. Laurence pointed out that many companies do not know their voice mail was attacked until they receive their phone bill and find unusual long- distance calls. Laurence said he has wondered whether the calls are just a prank or somehow connected to terrorists. Grant quickly discounted that theory, saying the odds are slim that the calls to the Philippines could be tied to terrorism, even though there have been reports in recent months of increased terrorist activity in that country. After all, he said, most people who live in the Philippines aren't terrorists. Salois was not so quick to write off Laurence’s theory that the case could be linked to terrorism. "There is the potential. Not knowing and given the climate we live in I'd say it should definitely be looked at," he said. Amanda Noonan, director of consumer affairs for the state's Public Utilities Commission, said she also has never heard of a problem with hackers corrupting voice-mail systems. While the PUC does not investigate cases such as this, Noonan said, the agency will help those companies victimized by phone hackers. Noonan said the PUC would assist customers having trouble getting their long-distance phone carrier to take the illegal calls off their phone bill. "We will work with them and their phone company to get an adjustment made for their calls. I think we would be able to assist customers in that respect," she said. Bill Scherr IV, GSEC, GCIA Electronic Warfare Associates / IIT Lafayette RTI, Camp Johnson Colchester, VT 05446 802-338-3213 - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Dec 05 2002 - 01:36:04 PST