cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
452
Views
0
Helpful
7
Replies

VoIP Security and Industrial Espionage

Vance Krier
Level 4
Level 4

Hi All,

I have a question regarding security. I'm getting ready to deploy a very, very secure network for a client that potentially includes a CM VoIP system. The customer has been told by the guy putting in the physical security system, that these VoIP systems are extremely unsecure. More specifically, he said you can get a black box from Russia (or somewhere like that) and point it at a building with a VoIP system and pickup all of the conversations.

I'm a little out of my depth with all of this extreme security stuff, but it would seem to me that's a little unlikely. We're running only fiber to the desktop for PCs and phones. There will be a small transceiver to covert from fiber to a very short cat5 drop to the phone. The server room is highly secured and enclosed in a copper mesh, so nothing will be coming from there...

No wireless allowed. No analog lines, T1s only. Lan security is a no brainer, IDS, Firewalls, etc, etc.

Please help me out with any docs, myths, recommendations, etc. I don't even know how to counter these claims because I just don't fully understand what the capabilities are of people who are really determined to get at information.

Thanks,

Vance

1 Accepted Solution

Accepted Solutions

Dazed...

The offical govie term for what your talking about is called TEMPEST, or the study of electromagnetic radiation emanations from electronic equipment (insert NSA reference here). This was really a big deal several years ago when everyone used "other" crap phone systems and pre-70's wiring. Spies would sit in vans in the parking lot, point some antennas pointed at building picking up the radiating signals off a CRT monitor. The best way to defeat this is using the simplest of items....chicken wire or mesh fencing, which you mentioned your customer is already doing. The other good countermeasure is fiber. Since fiber doesn't give off electromagnetic radiation emanations, it is widly used in government facilities. Using a transceiver to convert the fiber to CAT 5 of less than 3 meters is accepted security standard. I'm suprised that your security guy isn't endorsing a VoIP system, which from a TEMPEST point of view is much more secure than the latest TDM system! The point is that if his LAN security is in place, that's just less $$$ he must spend to secure his voice network as well. As for the realistic idea that I could use an antenna to pull VoIP packets off the wire, reassemble them into an intelligible converstation, well, I'd rather wait on the check that bill gates and intel will send me to forward an email to all my friends. In a word, bulls%&t.

This sounds like the ol' "I don't know anything about VoIP, so I should make it sound scary" sales trick, as opposed to the ol' "Press hard, third copy is yours" jedi mind trick. Relax and do a google search and TEMPEST and arm yourself with some information to defend VoIP from this fool.

Just my $.02

View solution in original post

7 Replies 7

jmessina
Level 1
Level 1

Tell him that Cisco built in Russian black box prevention (via a patch) into CCM 3.2(2c) and its the Turkish red boxes that are now dangerous :-)

I would thank him for his advice and commend him for his creativity, and then I would have another vendor come in to do the physical security.

But thats just me.

Oh man, I could have sworn that the Turkish red box patch was rolled into 3.0(8)...maybe they've got a new model...

No, but seriously, I know there are devices (people) that can use specialized electronic surveilance tools to pull information directly off computer screens and data networks....at least I've heard of that on numerous occasions...

I know we're talking extreme here, but the customer does have some legitimate concerns regarding protecting their intellectual property. I guess if its possible for someone to remotely 'pull' data from a network, then the Voice systems wouldn't be any different. Of course, I can't see a TDM based system being any less vulnerable..but then again, I don't know anything about this stuff...

And as for the physical security guy, he seems really with it. I actually liked the guy till he pulled this crap directly with the customer. Probably just a petty competition 'piss on the other guy' type thing.

Thanks again,

signed : 'dazed and confused'

Dazed...

The offical govie term for what your talking about is called TEMPEST, or the study of electromagnetic radiation emanations from electronic equipment (insert NSA reference here). This was really a big deal several years ago when everyone used "other" crap phone systems and pre-70's wiring. Spies would sit in vans in the parking lot, point some antennas pointed at building picking up the radiating signals off a CRT monitor. The best way to defeat this is using the simplest of items....chicken wire or mesh fencing, which you mentioned your customer is already doing. The other good countermeasure is fiber. Since fiber doesn't give off electromagnetic radiation emanations, it is widly used in government facilities. Using a transceiver to convert the fiber to CAT 5 of less than 3 meters is accepted security standard. I'm suprised that your security guy isn't endorsing a VoIP system, which from a TEMPEST point of view is much more secure than the latest TDM system! The point is that if his LAN security is in place, that's just less $$$ he must spend to secure his voice network as well. As for the realistic idea that I could use an antenna to pull VoIP packets off the wire, reassemble them into an intelligible converstation, well, I'd rather wait on the check that bill gates and intel will send me to forward an email to all my friends. In a word, bulls%&t.

This sounds like the ol' "I don't know anything about VoIP, so I should make it sound scary" sales trick, as opposed to the ol' "Press hard, third copy is yours" jedi mind trick. Relax and do a google search and TEMPEST and arm yourself with some information to defend VoIP from this fool.

Just my $.02

Awesome! That's fantastic. I was able to find more information than I could possibly read through. In case anyone else was interested, the following link from SANS is a good read through and they've got some more good links at the bottom.

http://www.sans.org/rr/toppapers/TEMPEST.php

I think I'll be much better prepared to go to battle over this.

Thanks again,

Vance

JeffG1
Level 3
Level 3

Also keep in mind, what are you going to be doing on this VOIP network.. Calling the outside world right? Once you telephone call leaves your building for the PSTN, its any ones guess who can listen in on that call. Not to mention who you are calling on the other end... The same guy could goto the building you are calling, and point his magic black box in their direction and hear what you are saying also...

Your best bet for security is an encryption device at both ends of the conversation...

Also you can point a dish into your building and and listen to the sound waves of your voice as you speak, whether that’s into a traditional phone, voip phone of a block of wood... The only way to prevent this would be to get a tempest certified shielded room...

Tell the security guy, your more worried about the alien mind rays then the Russian spy boxes, and you are going to have every one wear Aluminum foil hats

Exactly. That was a point I made already...one of the reasons we're requiring voice T1s only...at least it makes it a little harder to tap into...although probably not if you have the right equipment. One of the current issues is that they don't have any special windows to prevent those high-tech listening devices from picking up the sound waves off the windows.

I'm not sure yet exactly how far they want to go. Once we put some numbers on this stuff..I imagine the requirements will get lowered somewhat.

I think they're going to have to put some type policy in place regarding confidential conversations. But, regarding those encryption boxes. I've read a little bit about that, anyone have any experience with them? Do they plug in between the handset and the phone so they are system independent? This may actually be something they might want..

Speaking of insane technology. I was doing some reading on this stuff and there are papers describing pulling information off of systems via the hard drive status LEDs!! Something about the status lights are actually modulated signals and they were able to get real data from servers, backbone routers, etc from the blinking status LEDs at distances of 1km!!!

There was another technology talking about people using RF devices like cordless phones, cell phones, pagers, etc in close proximity to secure data systems and the secure data somehow getting on the RF signal and equipment being about to pull the data off the RF sidebands, etc.

This is wicked, wicked stuff. I'm sooo out of my league!

Thanks again for all of the help!

Vance

I did find this web site.. http://www.tccsecure.com They seem to have some products. However all of these are probably going to be analog devices. You will need an analog gateway.. The VG248 would work…

And Yes a cell-phone, two-way pagers, black berry and or palm pilot can all piggy back signals....

Also keep in mind to build an EMI Shielded room will cost you millions! You get into things like filtered power and grounded water pipes… Fiber options would be the only lines in or out of the room…

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: