Mutare Inc., a leader in solutions to protect voice network traffic, released an industry “Voice Network Threat Survey” that reveals serious shortcomings in enterprise security protections against voice network attacks.
With responses from cybersecurity and networking professionals at RSAC 2022 and Cisco Live, Mutare found that nearly half (47 percent) of organizations experienced a vishing (voice phishing) or social engineering attack in the past year.
More troubling, most are unaware of the volume of unwanted voice traffic (phone calls) traversing their voice network, or the significance of threats lurking in unwanted traffic, which includes robocalls, spoof calls, scam calls, spam calls, spam storms, vishing, smishing and social engineering.
Mutare’s “Index of Unwanted Voice Traffic” shows that across all industries nine percent of all calls (or, voice traffic) received by businesses are unwanted. Moreover, 45 percent of all unwanted traffic is tied to nefarious activity, while 55 percent is tied to nuisance activity.
Remarkably, more than one-third of respondents to the Voice Network Threat Survey (38 percent) said their organizations do not collect any data on the amount of inbound, unwanted and potentially malicious voice traffic hitting their organizations.
Of those that do collect such data, 23 percent of respondents estimated that 5 percent to 10 percent of inbound calls were unwanted, followed by 15 percent of respondents who estimated that more than 10 percent of inbound calls were unwanted, and 10 percent of respondents who estimated that more than 20 percent of calls were unwanted.
The biggest source of security risk stems from employee errors, according to 43 percent of survey respondents. That ranking was followed by the risk from email (36 percent), endpoints (35 percent), data networks (17 percent), data storage (12 percent), and applications/core systems (9 percent).
Only 10 percent of respondents cited their voice networks and phone systems as the biggest source of security risk in their organizations, reinforcing a widespread lack of awareness about this problem.
More than one-third (36 percent) of respondents cited security awareness training as the top solution to protect voice networks from Vishing (voice vishing) and Smishing (SMS phishing) attacks. That approach was followed by traffic firewalls (34 percent), spam blockers (26 percent), training for vishing attacks (20 percent), training for social engineering (23 percent), and threat detection (13 percent).
In addition, more than one-fourth of survey respondents (26 percent) were unsure about which tools were being used to protect their voice networks, and 9 percent said their organizations had no solutions in place to protect their voice networks.
The Mutare Voice Network Threat Survey was taken by more than 150 onsite attendees at tech industry trade shows in June 2022. For more information about the survey results, visit: https://www.mutare.com/executive-report-voice-network-threat-survey-2022/ or for more information about the company, visit: https://www.mutare.com/.
