Telecom fraud costs Cuba over $10 million annually

Cuba lost over 10 million U.S. dollars in revenue a year due to fraud in telecommunications services, the National Information Agency (AIN) reported recently.

Jorge Sacre, director of the anti-fraud department at the state-run Telecommunications Company of Cuba (Etecsa), told AIN that a considerable number of users sought to avoid legally established traffic channels for international calls by using new technological development that hinders their traceability.

The most common crimes include the theft of lines belonging to legitimate users, subscription fraud and creation of international systems that offer an adjacent service with lower fees than those established by legal telecom service providers, said Sacre.

These crimes can be carried out through the installation of satellite dishes, and the use of ordinary telephone and Internet access, he said.

For every minute of call made via these alternate routes, Cuba lost 0.60 dollars in revenue, and calls originating from these sites were then distributed through the National Communications Network as a local or long-distance call, causing more substantial losses, said Sacre.

Cuba has a large expatriate community living in the United States, the epicenter of global telecommunications fraud, and Cuba’s proximity makes it more vulnerable, Sacre added.

The island ranks among the 17 countries most affected by such violations, he stressed, adding that Etecsa is working to develop fraud detection mechanisms and various measures to blacklist users who commit such crimes.

Comptel PLUS Fall 2014 Early Bird Registration Extended

If you missed out on Comptel’s early bird registration deadline, don’t fret – they’ve extended it!

Save more than 25% if you register before July 31.

Register at: http://www.comptelplus.org/

When you attend or exhibit this Fall, you’ll experience the difference: enhanced session content, greater sales opportunities, lively entertainment and a more productive networking environment.

If it has been awhile since you were at COMPTEL PLUS, it’s time to return and see what’s new. If you’re a broadband, cloud, satellite, over-the-top (OTT) or wireless provider, or one of their strategic partners, the COMPTEL PLUS Fall 2014 Convention & EXPO will deliver:

  • Unprecedented access to key decision makers.
  • Extensive networking opportunities.
  • An ideal environment for meeting existing clients and new prospects.
  • Our innovative, interactive Business PLANner for scheduling meetings.
  • Foresight into new trends and challenges.
  • Strategic insights into potential policy reform impacting the industry.

A Guide to SIP Phones

IP communications and SIP have revolutionized the way that businesses communicate with their customers and each other, but very few people understand what these technologies really do. We live in a time when technology is advancing at such a fast pace, even the most savvy IT experts can feel a bit dizzy. That said, it’s time we explore SIP phones and explain what you need to know about them.

SIP technology itself gives entire companies the ability to communicate with advanced VoIP features and gives way to powerful instruments like SIP phones and SIP trunks. To truly appreciate what this technology does for you, you will have to understand it.

Let’s first talk a little bit about the IP phone. It was, as its name implies, a phone that connected to an Internet protocol (IP) network through its Ethernet LAN connection. Many businesses still use it, and it’s working quite well for them. However, if you want to buy an IP phone, you might have to get it from the vendor that gave you your private branch exchange (PBX). It’s proprietary, using signaling protocols that are unique to the particular PBX you’re utilizing. This has been the cause of much frustration in the business community as companies have jacked up their prices without warning because of the leverage they have. The other catch is that you can’t get a better IP phone from another company without entirely changing your telephony infrastructure.

Along comes SIP, and turns this entire system on its head. The session initiation protocol (SIP) is a standard in itself. To say you are using SIP means that you are using one particular protocol with a strictly defined set of rules. For this reason, if you’d like to get an SIP phone from another provider, you can do it without even asking your own provider for anything.

So, SIP phones are just IP phones that follow a standard set of rules that are shared among all SIP providers. This makes them the prime target for companies wishing to switch over from proprietary IP PBX systems.

BroadSoft Announces Keynote Speaker for BroadSoft Connections 2014

BroadSoft, Inc. recently announced that J.B. Wood, President and CEO of the Technology Services Industry Association (TSIA) – the technology industry’s largest association for services – will be the keynote speaker at BroadSoft Connections 2014: Power Up.

BroadSoft Connections is BroadSoft’s annual users’ conference that provides critical insight into the communication needs of businesses and strategies for service providers to meet these market requirements. At this year’s event, attendees will discuss how more intense business cycles, pervasive global competition and faster flow of information are driving new, innovative requirements for Unified Communications. Attendees will leave this year’s event armed with strategies for delivering and leveraging productivity enhancing solutions that ensure efficient enterprise collaboration, timely customer responsiveness, maintaining supplier relations and more. Strategic discussions will focus on:

  • Demonstrating the productivity enhancing capabilities of Unified Communications
  • Delivering a superior, seamless customer experience, from the initial benefit messaged to targets to service adoption by new customers
  • Solving critical business issues by extending UC through business app integration

J.B. Wood is a sought-after speaker, author and expert on services in the technology sector. His popular books include Complexity Avalanche: Overcoming the Threat to Technology Adoption (2009), Consumption Economics: The New Rules of Tech (2011), and B4B: How Technology and Big Data Are Reinventing the Customer-Supplier Relationship (2013), which will be a focus of his discussion at the event. He is a well-known and well-respected industry figure, having appeared in Fortune, New York Times, Wall Street Journal and other leading publications.

During his keynote session, Wood will share advice and strategies around adopting new business models, addressing the new business environment and next-generation technology industries where suppliers play an active, on-going role in helping business customers achieve unparalleled value from their technology investments.

“J.B. Wood’s unique understanding of how technology can best support and improve business processes will resonate with attendees seeking to deliver the unified communications businesses are demanding to improve the productivity of individual employees and groups, and enhance the overall efficiency of their organization,” said Michael Tessler, president and chief executive officer, BroadSoft. “I am very excited to have J.B. Wood join us to kick-off our annual users’ conference to share his insights and predictions.”

BroadSoft Connections will take place in Scottsdale, Arizona, 12-15 October 2014. For more information, please visit: http://broadsoftconnections.com.

Level3 Wants FCC to Impose ISP Interconnection Requirements

Level3 Communications wants the FCC to impose interconnection requirements on Internet service providers – a move the company said is necessary to “fully protect the free and open Internet.”

The company recommends three specific ISP interconnection requirements, which were outlined in a blog post written by the company’s general counsel for regulatory policy Michael Mooney yesterday. Mooney said Level3 already has similar arrangements with several ISPs and “the solution is good for everyone.”

Proposed ISP Interconnection Requirements
Level3’s proposed ISP interconnection requirements include:

  1. If a content provider or a network operator providing connectivity for the content provider delivers content into the ISP’s local market closest to the location of the ISP’s customer requesting the content, the ISP should be required to deliver the traffic to its customer without charging an interconnection fee – provided that the content provider delivers a certain amount of traffic in the aggregate to the ISP.
  2. The ISP would be able to select the interconnection location but selections would have to be “reasonable.” For example, each location would have to serve a minimum number of the ISP’s customers and the location would have to be served by several different metro transport service providers to ensure that the ISP has competitive choices.
  3. If interconnection capacity becomes congested at any interconnection location, it would have to be promptly augmented.

58% of CIOs Expect IT Spending to Increase

New market research from global media business UBM Tech offers insights into chief information officers (CIOs). When it comes to their main business challenges, CIOs view lowering costs, network uptime, IT innovation and security breaches at the top of the list, according to “The CIO State of Mind – How to Successfully Engage with CIOs.”

CIOs view mobile and security as key IT priorities, the UBM Tech research found. Fifty-four percent of CIO respondents, moreover, said they would like their IT organization to do more with mobile apps and devices, while 53 percent would like to improve security.

CIOs are also optimistic when it comes to IT spending: 58 percent said they expect it will increase year over year in 2014.

When it comes to how CIOs make technology decisions, UBM Tech found that they rely heavily on peers. While the CIO ultimately makes the decision, “the purchase process is extremely collaborative,” according to UBM.

Sixty-five percent of IT execs get involved in new tech purchases. Seventy-three percent of respondents said management’s view is an important part of making tech decisions. Twelve people are involved in such decisions on average, UBM found.

Commenting on the report, UBM Tech Research Director Amy Doherty said, “CIOs rely heavily on peers for input when they are making technology decisions. Tech marketers would be wise to include peer-based insight across their content marketing strategies.”

The Relationship Between VoIP and Unified Communications

Often we talk about unified communications and business VoIP as if they were two separate products. And they are, to a point. Business VoIP is IP-based phone service and unified communications (UC) is not only voice but also video conferencing, chat and presence all rolled into one.

Business VoIP and UC are deeply related, however, and while you can have business VoIP without UC, you can’t have UC without a strong business VoIP foundation. That’s because voice is a crucial component of UC. It is the foundation, really. UC is the unification of all communication channels, and voice is the foundational business communications channel outside of direct, face-to-face interaction. No good UC platform can stand without good business VoIP at its core. In many respects, UC is just business VoIP expanded with integration from the other channels.

This is how UC starts for many businesses, too. A business phone system becomes a VoIP system, and once the business has the flexibility and features of IP-based phone service it is only a short hop to bring VoIP together with other communication channels.

Business VoIP is not only the foundation of UC, but it also is the gateway for most businesses.
The first step for any business that is considering UC is getting the business VoIP component right.

VoIP Termination Operators Evade Fees in India

The process of terminating VoIP calls has its fair share of regulations, just like any other service, but sometimes ensuring that operators stick to those regulations is half the battle. In India, this seems to be the case, as 14 international gateway operators appear to be dragging their feet when it comes to paying their annual license fees. In fact, they have failed to pay the fees even after repeated reminders from the telecom regulator.

According to officials, the 14 operators that have neglected to pay their license fees owe around Tk 700 million (or approximately $9 million). Up until 2013, the annual license fee for international gateway (IGW) operators was Tk 70 million (or about $903,771), but beginning this year moving forward, the fee will be significantly reduced to Tk 35 million based on an amendment to the IGW guideline.

So, if fees are lowering this year, what’s the hold-up? Whatever the reason, the Bangladesh Telecommunication Regulatory Commission (BTRC) has set a hard deadline for these operators. Under the timeframe, they have until June 30 to pay any outstanding fees, after which point they will be subject to administrative action taken by the BTRC. Some operators asked for extensions to the deadline but have not given any indication of getting the fund together.

It’s important for the government to collect these fees, as they are key to its revenue for the sector. According to officials, these operators not only owe their annual fees, but also dues with the regulator from revenue sharing part of their income—dues that could be worth up to Tk 10 million.

The BTRC is playing hardball with these operators as a result. It has suspended or cancelled the operations of 11 of the IGW operators that have failed to pay their fees. Other operators have fled altogether to avoid the payments and have shut their doors on their own.

VoIP Crimes in Kenya Raise Serious Concerns

Kenya’s financial institutions lose nearly Sh1.6 billion yearly to cases of fraud and cybercrime, according to a shocking report published this month by the 2013 Banking Fraud Investigations Department (BFID). Even more concerning, the statistic marks a nearly 300 percent increase over a nine month period in 2013.

As the developing world gains access to the Internet, the immense vulnerability and lack of infrastructure in these nations is exposed. Pouring resources into advancing technology and restructuring the way businesses operate is not enough to raise them among the ranks of the global economy. Often, the trappings of the internet and overexposure lead them even more susceptible to criminal activity, and in this case fraud.

Even more devastating to the hopes of Kenya and other nations, these crimes are often produced “through schemes hatched by employees, [who] took advantage of the online and mobile banking platforms to temper with the web systems in their respective banks to siphon out the cash,” according to William Makatiani, managing director of Serianu Limited, a leading IT services firm in Kenya.

As the banks become more digitized, internet transactions, online banking, mobile money transfers and cyber credit card and check payments become increasingly the norm in a country that does not possess the ability adequately protect all of these assets. Makatiani highlights the two fold advantage to these fraudsters of preying on a population with a “growing dependence” on the new infrastructure and a “perceived lower risk of detection and capture…as compare to more traditional crime.”

Hackers are preying as well on the popularity of VoIP services, breaking into private branch exchange (PBX) phone systems to make illegal and fraudulent calls on behalf of the bank they represent, and taking money from unsuspecting civilians. Banks are equally hurt as they are left completely liable for the lost money. “Car selling companies” based on the internet are also targeting unsuspecting consumers selling them ghost cars and other nonexistent goods.

Beyond the banking industry, the Kenyan government itself is facing major risks with their newly launched programs. The Kenya Revenue Authority’s iTax system, the Kenya Trade Network Agency, and the Integrated Financial Management Information System, all face serious threats. In 2013, network attacks grew by 108 percent to 5.4 million compared to just 2.6 million the previous year. Makatiani states that nearly “85 percent of all Web application in the country are unsecure and available for attacks.”

Kris Senanu, chairman of Telecommunications Service Providers of Kenya, a technology industry lobby group, sees a partnership between the private sector and the government as the solution to the growing threat. Senanu called for corporate and government organizations to impose security sanctions at the beginning of ICT (information communication technology) infrastructure creation.

The Principal Secretary in the Ministry of Information, Communications and Technology, Joseph Tiampati ole Musuni responded with the promise of a National Cybersecurity Strategy to research, create and regulate the growing problems in Kenya’s technology industry. He envisions a Kenya Computer Incident Response Team Co-ordination Center to be formed and operational by August of 2014.

The example of Kenya points to the realities of technology in developing countries. Simply dropping off advanced systems and operations at their doorstep is not enough to aid developing countries in playing catch up with the global superpowers. These are delicate states with intense structural inequalities and problems that cannot be fixed with faster processors. The entire society must play a role in the advancement of the economy and technology, and cannot leave gaping insecurities that will render them even more powerless.

Following Heartbleed, VoIP Providers Continue to Reassess Security

The open-source cryptographic library OpenSSL showed the world that it had a major vulnerability this past April. Known as the “Heartbleed” bug, OpenSSL proved itself vulnerable to hackers who wished to exploit its process that functioned to keep two computers in communication with one another. It appears, however, that Heartbleed was not the only flaw because the OpenSSL project recently named six additional vulnerabilities associated with the platform.

The advisory report the group initially released June 5 lists the six vulnerabilities. The list includes a DTLS invalid fragment vulnerability, a SSL/TLS MITM vulnerability, a DTLS recursion flaw, a pointer dereference, a session injection or denial of service, and an Anonymous ECDH denial of service bug.

Out of these six, Tech Republic points out that the first two are most worrisome. OpenSSL describes the DTLS invalid fragment vulnerability as “a buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server.” And it continues by mentioning that the vulnerability “is potentially exploitable to run arbitrary code on a vulnerable client or server.”

Tech Republic points out that this bug can affect businesses utilizing VPN and VoIP platforms because those platforms may require the use of DTLS – a method of encrypting UDP packets. Hackers taking advantage of the DTLS vulnerability could potentially run code on a business’s server from a remote location, so any business in the VPN or VoIP market will want to examine its code to find out if this flaw could hinder its operations.

The other worrisome problem, the SSL/TLC MITM vulnerability, stretches back to the early days of the software, and exploiting this flaw, “an attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server,” OpenSSL reports. Public Wi-Fi hotspots and open source VPNs may be at risk here, Tech Republic says, and that could result in the vulnerability as able to affect a substantial number of people.

Organizations operating VPNs, VoIP software products, Wi-Fi hotspots, or open source VPNs will want to upgrade their services as quickly as possible. OpenSSL says that the vulnerabilities have been patched and that users can upgrade their software versions to take advantage of those patches. Users of such services may still want to check that the software and platforms have been upgraded and are using that patches so they are not caught in any possible hacker crossfire.