backgroundstore - Fotolia
How can organizations address VoIP security threats?
An unguarded VoIP system could be vulnerable to attack. Learn what security measures can help prevent VoIP security threats from affecting your organization.
Threats to voice over IP calls are similar to threats faced by any other data transmission. One common VoIP security threat is the distributed denial-of-service attack. These attacks bombard an interface with massive amounts of data packets to prevent the flow of regular traffic. Threats from DDoS attacks can be mitigated with a good firewall. Most cloud-based VoIP providers will include a firewall with their VoIP software.
Another threat, known as an evil twin, occurs when a wireless access point is mimicked in order to phish information. Public wireless networks are particularly vulnerable to this kind of attack if they aren't password-protected or encrypted. Users should exercise extreme caution when using a public hotspot.
When users sign on with an evil twin interface, their username and password information becomes compromised. In the case of VoIP phone calls, spoken words, phone tone presses and other information may be compromised. A softphone compromised by an evil twin would enable an attacker to spoof, listen to and make calls on someone's behalf. Additionally, if the wrong people gain access, VoIP systems can fall victim to call fraud.
Call jacking and man-in-the-middle attacks can also be VoIP security threats. These attacks occur when Session Initiation Protocol traffic is intercepted and the server is tricked into thinking its participating in the call. Call jacking and main-in-the-middle attacks tend to occur less frequently but can be thwarted with the use of a VPN and encryption. In addition, desktops that use softphones should be equipped with antivirus and antimalware software.
A simple but important thing you can do for VoIP -- and overall network -- security is to remind users not to open attachments from unknown senders. Additionally, users should confirm any suspicious links or attachments from known senders. IT should train users to verify email signatures to check for spoofing. Having antivirus and antimalware software on the server side is another good idea. Some VoIP providers have protective software that can do a deep packet inspection. Be sure to continuously patch servers with the latest updates to minimize the potential for new VoIP security threats.
