Oh, Oh no! Santa got hacked this Christmas!

It happened on the night of 24th December

The week had been loaded with gifts. As always, Santa was busy going from home to home. When he returned, tired, all his little helpers were asleep. It was quiet — too quiet.

Just a week later, Santa received his telecom bill. What a shock! €24,000. Well, it was a busy time answering all those incoming calls, but not that many outbound international calls. After all, Santa now processes orders and receives letters through the internet these days.

A deeper look at Santa’s hacked phone bill

After a deeper look at the bill, it turns out that hundreds of calls were placed to Morocco and Bosnia over a 48-hour window, starting on Christmas Eve.

Unfortunately, this is not uncommon. Santa might be a VIP, but he’s not alone in this crisis. Fifty other people and private companies were hacked during the same incident, and received a similar bill in early January.

In this common hacking scheme, called PBX hacking, response time is critical. If not addressed quickly, the wound will cut deep and continue to burn thousands of euros per day.

Hacking and illegal usage is hidden and superimposed over legal usage. In a common situation, we have noticed that operators apply mitigation rules after 48 hours. In fact, reducing the detection time to under 24 hours would already cut the damage in half.

Our gift to Santa: A gold pass to Barcelona #MWC2018

Christmas is for everyone — even Santa! So, we are giving Santa an invitation to MWC2018 in Barcelona on 26 February. At the event, we’ll take the opportunity to explain how we use state-of-the-art machine learning in iVoIP (http://ivoip.io).

iVoIP bot notification message via SMS

A real time notification sent by the iVoIP bot

Unlike other security applications, iVoIP does not rely on known patterns. On the contrary, iVoIP is learning and evolving based on real-time traffic patterns. Any significant deviation from the current “normal” usage will automatically trigger notifications via SMS and other rich media applications. Fraud&revenue assurance teams, given the notification and extra insight provided in iVoIP, will be able to confirm and mitigate the threat immediately before it causes any additional damage to reputation and customer satisfaction. Depending on internal process and rules, operations teams might call the customer directly to confirm the abnormal usage, or will apply automated mitigation to session border controller configurations.

If you are a mobile or fixed telecommunication operator, 2018 is the right time to adopt artificial intelligence (#AI). Join Santa in Barcelona and we will be pleased to show you how AI embedded inside iVoIP can benefit your service assurance and revenue assurance process, increase customer satisfaction, and reduce the churn.