Hackers always use the same method: they are looking for companies whose PBX has an integrated voicemail function (answering machine) in order to manipulate it via remote access. All PBXs that have been recently manipulated showed poor security measures such as insecure PINs. Auerswald PBXs have sufficient security mechanisms. But they have to be used!
Therefore, please follow the following recommendations to protect your Auerswald PBX against such attacks:
- The admin PIN, the user PIN or the voice mailbox PIN can be used for the remote access. Do not make it easy for the attacker and use complex PINs (The PINs in the PBXs consist of six digits. Number sequences such as "123456" or "111111" or birthdays are NOT secure. It makes more sense to use random number sequences.
- If possible, use the blocking functions for incoming calls (e.g. block calls from abroad).
- It is more secure to use message forwarding via email and to disable the remote access.
- For outgoing calls, prefixes (010…) in order to make the call cheaper are often used so that the protections of the Telekom (detection of high costs in a short time) are not effective. You can secure your PBX by using the blocking functions for outgoing calls (e.g. for calls that begin with 010).