• Store
  • Global Presence

Strengthening Global VoIP Security for a Leading International Airline

  1. Home
  2. Insights
  3. Case Studies
  4. Details
Back

Company Kenyan Airline

Overview

The airline is a long-standing premium customer operating across more than 50 international destinations. Its business depends on a sophisticated VoIP ecosystem that supports global reservations, customer assistance, and remote staff operations. The volume of daily communication, combined with a geographically dispersed workforce, meant the airline needed a reliable and secure voice infrastructure at all times.

As global call traffic increased, the carrier began confronting escalating VoIP threats. Attackers probed for weak extensions, attempted credential theft, and exploited the IVR system to generate fraudulent premium-rate callbacks. The growing pattern of attacks placed financial integrity, service continuity, and customer trust at risk.

Black Box, already a trusted telecom partner for the airline, worked alongside Assertion to deliver a targeted and rapid response.

Challenges

The airline’s environment exposed several weaknesses that cybercriminals aggressively targeted. Internet-facing SBCs that enable remote workforces were attacked within minutes of coming online. Over the course of a single month, adversaries attempted millions of SIP registrations to identify valid remote extensions. More than fifty extensions were hit with brute-force activity, raising the likelihood of takeover and service disruption.

The situation worsened in early 2022 when unauthorized access to the airline’s IVR platform resulted in a costly premium-rate call-back scam. Fraudsters manipulated call flows to trigger international call-backs, inflating charges before the issue was detected. Owing to the carrier’s global scale, such anomalies could easily go unnoticed for extended periods.

These incidents revealed broader security gaps. The airline needed a way to track fast-changing malicious IP addresses, identify toll-fraud patterns, analyze call data in real time, and protect remote agents without interrupting live operations. Manual monitoring and periodic audits were insufficient against the pace and sophistication of these threats.

Solutions

Black Box saw the situation as an opportunity to rebuild confidence and introduce a more resilient voice-security model. Working with Assertion, the team deployed a no-obligation 30-day Proof of Concept for Assertion® SecureVoice™. The cloud-based model allowed near-instant activation without altering the airline’s core systems.

SecureVoice™ examined every SIP message and phone call in real time, identifying active attacks, spoofing attempts, and suspicious calling routines. It collected actionable threat intelligence and established clear evidence of hostile activity. The platform also worked closely with the airline’s SBC footprint to uncover malicious patterns that had previously gone undetected.

This approach gave the airline round-the-clock visibility into its VoIP traffic for the first time. It showed how toll-fraud attempts, remote-extension probing, and credential-harvesting campaigns unfolded at each stage. Assertion provided hands-on support throughout the PoC, customizing thresholds, tuning detections, and offering insight into attacker behavior.

The results were immediate and convincing. Within two months, the airline moved forward with a formal procurement process, marking a rare outcome for a government-linked organization.

At a Glance

CHALLENGES

  • A global carrier with more than 50 destinations facing persistent VoIP attacks across its remote-worker network
  • Nearly 5.6 million hostile registration attempts targeting remote extensions in a single month
  • Over 50 extensions subjected to active brute-force attempts
  • A large toll-fraud incident where attackers exploited the IVR system to trigger premium-rate call-backs
  • High operational risk due to distributed call centers, remote agents, and internet-facing SBCs

SOLUTIONS

  • Joint engagement between Black Box Kenya and Assertion to investigate and protect the airline’s VoIP environment
  • Rapid deployment of a cloud-based Proof of Concept using Assertion® SecureVoice™
  • Real-time analysis of every SIP message and call to detect extension harvesting, spoofing attempts, and toll fraud
  • Automated collection of threat intelligence, identification of malicious IP churn, and continuous call monitoring
  • Use of SBC telemetry to uncover suspicious call patterns and ongoing attacks

RESULTS

  • Full visibility into past and ongoing attacks, enabling immediate containment
  • Prevention of further toll-fraud losses and reduced exposure to IVR callback scams
  • Restoration of customer trust after repeated VoIP breaches
  • A successful PoC that led to a formal procurement request within two months
  • Renewed long-term engagement with the airline and stronger VoIP security offerings across the region

BENEFITS

  • Continuous 24x7 monitoring and real-time detection across all remote-worker VoIP channels
  • Protection against extension takeover, eavesdropping, and data exfiltration
  • Verified calling to reduce identity theft and improve call answer rates
  • Policy-driven mitigation that preserves uptime and business continuity
  • A reusable VoIP security model for other enterprises with similar risks

Results

The strengthened monitoring structure drastically reduced the airline’s exposure to VoIP threats. SecureVoice™ blocked ongoing extension attacks, flagged suspicious call origins, and prevented further toll-fraud activity. IVR call-back risks were contained, and operational teams gained the clarity required to act quickly on emerging issues.

The PoC also helped restore faith in Black Box’s ability to safeguard the airline’s communication infrastructure. The renewed partnership set the foundation for a long-term security roadmap, positioning Black Box as a leading advisor on voice-security strategy.

Why Black Box?

Black Box offered deep industry experience, a strong local presence, and the ability to respond decisively during a high-pressure situation. Their partnership with Assertion combined telecom expertise with advanced real-time VoIP security analytics.

The airline benefited from a single accountable technical partner who delivered a fast PoC rollout, provided clear visibility into ongoing threats, enabled rapid mitigation of live attacks, and established a scalable defense model for its global customer operations.

This collaboration reaffirmed Black Box’s role as a trusted provider capable of safeguarding mission-critical communications in complex and globally distributed environments.

Publishing Date: February 13th, 2025

Download PDF

Industry: Transportation, Airports,

Subscribe Now