New tool turns attention to telecom security risks

SecureLogix Corp. this month announced the release of a product that is designed to assess the security of telecommunications networks.

TeleSweep Secure, the company's first product, scans telecom networks for unsecured modem, fax and phone lines that could provide hackers with a backdoor into an agency's computer network.

While most organizations have put in place security solutions such as firewalls and vulnerability assessment systems to protect their computer networks, intruders often find it easy to access a network through modems that are connected to computers on the network.

An unsecured modem left on and connected to the network, whether it is inside an agency or on a home or mobile system, provides a wide-open hole for intruders to get into the network, and it enables them to completely bypass any network protections in place, according to the company.

"Users are basically lazy," said Steve Samaniego, director of product management at SecureLogix. "It's easy to put in the modem, and they don't take the time to include the security."

TeleSweep Secure uses dialers to automatically call and scan an organization's telephone lines to determine if they are connected to a modem, fax or phone line. When the system detects a modem, it attempts to penetrate the network through that modem using password guessing, then it reports back to a central management server whether the modem is secure. Further action will be determined by an agency's security policy.

The product could fill a large hole in many agencies' security architectures, said Diana Kelley, a senior security analyst at Hurwitz Group Inc. "It's a tool that should be in the arsenal," she said. "Being able to check your telephone networks is absolutely critical to your network security."

SecureLogix also has an advantage in offering new security products such as TeleSweep Secure because most of the company's founders and employees come from the Air Force Information Warfare Center in San Antonio, she said.

Computer Sciences Corp.'s security group, which is looking at partnering with SecureLogix in the federal market, performs "ethical hacking" simulations on client networks to discover vulnerabilities. In the past, it has succeeded in penetrating networks completely undetected by using unsecured modem lines, said Thomas Funk, program manager at CSC.

"As far as I know, [it is] the only product that can do what [it does]," Funk said. "If a product like theirs was in place it would have been much more difficult to get in."

In fact, many organizations have ignored information about the security of their modem pools and telephone networks in security audits because automated tools to check those vulnerabilities have not been available, Kelley said.

Most of the products available that perform this type of telecom network scan are hacker tools, such as ToneLoc, that can scan only one line at a time. The TeleSweep Secure management server can set the dialers to scan multiple lines at the same time and also can set the scans to happen as often as an administrator wants.

"It's so easy to add these [unsecured] modems that you need to be checking more frequently," Samaniego said.

The system also is designed for enterprise use, so agencies can place dialers in as many offices around the world as needed, and the information is sent back to the central management server via the Internet in an encrypted transmission.

SecureLogix also is planning a second product that will be tightly integrated into TeleSweep Secure called TeleWall, due out at the end of this year. It will serve as a firewall for the telecommunications network, sitting outside an organization's PBX to log all incoming and outgoing calls.