VoIP services are becoming more and more popular year after year. The volume of the market for the provision of unified communications services is growing steadily around the world. The introduction of various unified communications systems is beneficial for the organization not so much from an economic point of view, but from the point of view of a variety of functions, the possibility of integration into business processes, and the convenience of everyday work.
But, despite all the possibilities of modern means of unified communications, the number of hacker attacks on corporate communication systems is growing every day.
Frequent objects of hacker attacks
Voice over Internet Protocol (VoIP) services is a technology that provides reliable communication with the ability to transfer files and media over an Internet connection. This technology is popular because the data is tied not to the device, but to the user, which gives mobility for use on different devices of the same number. For a more complete immersion into the technology, you can read about what a VoIP phone number is.
Telephone exchanges very often become the object of hacker attacks. This is due to the fact that by passing calls through a hacked station and terminating “gray” telephone traffic, an attacker has the opportunity to make money very quickly on hacking. And if hacking any other Internet servers is much more difficult to convert into money, then hacking an IP-PBX makes it possible to get money literally the next day.
And as a result of this, the owner of the PBX may end up with simply huge bills from the telephony operator for conversations (of which he did not even suspect) with some exotic countries. First of all, unfortunately, hacking is facilitated by the human factor, for example:
- unskilled actions of IP-PBX installers;
- weak passwords for phone numbers or their complete absence;
- use of standard passwords to control the telephone exchange;
- use of outdated software versions;
- lack of IP-PBX protection against password brute force;
- lack of a network access control system (Firewall);
- incorrect configuration of the IP-PBX, allowing unauthenticated calls to pass through.
Why is it necessary to protect the infrastructure of IP telephony? The answer is simple – secrets are trusted to the phone, without even thinking about how well they are protected. But history has repeatedly proven that such carelessness is very expensive. Regular scandalous publications with transcripts of telephone conversations once again confirm this.
Not only businessmen and politicians suffer here, but even the presidents of states. In addition to listening, damage is possible in other ways. For example, unauthorized connection to the IP infrastructure and making calls at someone else’s expense, or disabling the entire telephone network. Since all these threats exist, it is necessary to take care of their reflection in advance.
VoIP security threats evolve
Vedere Labs, the cybersecurity research division of Forescout, provides the most recent VoIP information on the most dangerous connected devices. Internet Protocol (IP) cameras, VoIP platforms, and video conferencing systems are at the top of the list. The study discovered two recurrent themes about the rise in assaults brought on by the sheer number of devices tethered to business networks and how attackers employ these devices to their advantage.
Lumen Technologies noted a spike in DDoS assaults directed at VoIP companies in its 2022 Distributed Denial of Service (DDoS) Attacks Quarterly Report. When an online service is overloaded with traffic by attackers, the system becomes inaccessible. They discovered a 315% rise compared to the first quarter of 2022, with the Session Initiation Protocol (SIP), a popular protocol for VoIP networks’ signaling needs, as the main target.
Security is given top priority by providers to boost VoIP client confidence. The development of stronger encryption, specialist security software, and more thorough firewalls is on the rise, according to trends.
Threats and vulnerabilities relevant to VoIP networks
The list of threats that are relevant for VoIP networks is almost identical to the list for any other types of networks (of course, taking into account their own nuances). Among the threats that users of IP telephony should pay attention to are the following:
- Resale of telephone traffic. Attackers can use errors in configuring the trunk, and outgoing traffic routes, as well as the option of anonymous calls (if it is enabled in the IP PBX). Also, to exploit this vulnerability, they can hack accounts or conduct unauthorized account registration. When such a threat is realized, anyone can use reliable IP telephony, and you pay for the traffic.
- DDoS attacks. Relatively easy to implement, but a very effective way to stop the work of a company using IP telephony. During a DDoS attack, attackers send a huge number of requests to the telephony server. As a result, the server resources are “clogged up” and will not be able to fulfill requests from real users, i.e. a reliable connection simply “lies” and refuses to work.
- Attackers gain unauthorized access to the virtual numbers you use and use them for their own purposes. This can be, for example, the collection of data from your customers and partners, the distribution of payment documents with “left” details, and so on.
- Spam over IP telephony (SPIT). Quite often, attackers, having gained access to SIP accounts or numbers, use them to send spam via IP telephony. In addition, such accounts can be involved in DDoS attacks.
- Interception of traffic. By analyzing intercepted network traffic, attackers can obtain information of various kinds: from personal data of employees, customers, or partners, to information that is a commercial secret.
It can be seen that there are many security threats that VoIP telephony users may face. And the above list is far from exhaustive. Attackers are constantly looking for new vulnerabilities to implement various kinds of threats:
- registering someone else’s terminal (allows you to make calls at someone else’s expense);
- subscriber change;
- making changes (distortion) to voice or signal traffic;
- decrease in the quality of voice traffic;
- redirection of voice or signal traffic;
- interception of voice or signal traffic; fake voice messages;
- termination of the communication session; denial of service (on any of the modules);
- remote unauthorized access to VoIP infrastructure components;
- unauthorized software update on IP phone (for example, in order to introduce a “Trojan horse”);
- hacking of the billing system (for operator telephony).
This is just the tip of the iceberg. The VoIP Security Alliance (VoIPSA) has developed a document that describes a wide range of threats to IP telephony, which, in addition to technical threats, also includes extortion via VoIP, VoIP spam, sexual harassment via IP telephony, physical assault on components, and even power failure.
Final thoughts
It can be seen that there are many threats to VoIP. And the main weak point of IP-telephony is “human minds”. It is the underestimation of the issue of VoIP security that leads to most of the problems:
- These are the problems of choosing a VoIP solution, which usually takes place without the participation of security specialists.
- The chosen VoIP solution is not always connected with the already-built network infrastructure.
- The information security department is not always responsible for the security of a VoIP solution – often this is done by a specialist in traditional telephony.
- “Experts” don’t always set up a VoIP solution properly, even if it has proper security mechanisms in place.
- A firewall is purchased that is not capable of adequately processing VoIP traffic, etc.
As a result, the wrong choice of VoIP solution forces the company to spend additional large resources (financial, time and human) to protect the initially vulnerable solution, or leave it unprotected. The main thing is to choose the right provider providing communication services and determine the priority areas for ensuring protection.
