Cybercriminals and threat actors today can attack just about any software or cloud service. Voice over Internet Protocol (VoIP) is no exception. As VoIP calls are generally routed through the same paths as network and internet traffic, VOIP can make an attractive target for cybercriminals — one that IP teams generally don’t have as a high priority.
In this article, we’ll highlight the most common VoIP security challenges and how to protect against cybersecurity threats.
What Are Cybersecurity Threats with VoIP?
While there are significant benefits to VoIP for businesses, you also need to be aware of the cybersecurity risks involved. While there are plenty of ways cybercriminals can exploit your VoIP systems and infiltrate your system, there are also some fairly simple ways to protect yourself.
Here are some top ways hackers can attack your VoIP system and solutions to reduce your risk.
Packet Sniffing
Packet sniffing is one of the more common ways hackers attack VoIP systems, especially for small and medium-sized businesses. Cybercriminals prevent data packets from reaching their destination or intercept data in transit. This can expose data such as user credentials or other sensitive information and degrade service. Threat actors may also insert packets into the data stream to control routers.
Make sure you use a VoIP solution that deploys end-to-end encryption for every call and monitors network traffic for suspicious activity or unfamiliar login attempts.
Distributed Denial of Service (DDoS) Attacks
DDoS attacks occur when hackers overload servers so that they are unable to access the resources needed to operate efficiently. This can result in no service, slow service, latency, and poor call quality. Botnets generally initiate these attacks to be conducted at scale, overwhelming systems and causing trouble.
To limit exposure from DDoS attacks, IT administrators should maintain separate internet connections for VoIP traffic or segment traffic requiring authentication. This can prevent attacks from migrating from VoIP to your network or vice versa.
Phreaking / Toll Fraud
Phreaking is another way hackers can gain access to your VoIP system. In the old days, threat actors would exploit phone systems by simulating audio tones legacy systems used to dial. Today’s version includes gaining access to your VoIP system and causing mischief. For example, cybercriminals might use your system to make outbound calls, especially overseas calls that might not be included in your calling plan.
Toll fraud can run your bill up quickly before you notice a discrepancy at the end of the month. According to the Communications Fraud Control Association (CFCA), toll fraud costs organizations nearly $40 billion annually by taking control of local phone systems and generating high-volume international calls. These calls are generally placed to numbers that charge a fee to access, meaning cybercriminals can run up your phone bill dramatically.
You can help safeguard your system against phreaking by making sure you do not save billing information in your browser, encrypting your calls, and changing account passwords regularly. You can also require two-factor authentication (2FA) before any account access is allowed.
If your software allows it, place restrictions on international calls and the number of concurrent calls allowed.
Voice Over Misconfigured Internet Telephone
The acronym here is VOMIT. In a VOMIT attack, threat actors eavesdrop on calls and convert confidential information and voice packets into files. Within these files, they can extract confidential or sensitive information.
Encryption plays an important role in defeating VOMIT attacks. You can also reduce risks by employing a private branch exchange (PBX) rather than using the public telephone network for VoIP calls.
Spam Over IP Technology
We tend to think of spam as annoying emails that flood our inboxes, but it applies to calling as well. We’ve all experienced robocalls, but did you know they can be used to deploy malicious payloads such as malware or viruses? Spammers can make a nearly unlimited calls to the IP addresses associated with a VoIP account. Listening to a robocall can redirect users and deploy viruses or spyware.
You can mitigate the impact of spam over IT technology (SPIT) by having a robust and reliable firewall and employing voicemail management tools that allow you to block numbers easily and prevent spam calls.
You can also enable network address translation (NAT). This is a feature of routers that provides devices with a private IP address that can only be seen on your local area network. This prevents threat actors from discovering the private IP address of devices.
Vishing
Vishing is similar to phishing, which uses email to initiate business email compromise (BEC), trick users into providing passwords, or take fraudulent actions. With vishing, cybercriminals pretend to be someone they’re not to fool you into giving up sensitive information.
You can protect against vishing by using caller authentication, such as STIR/SHAKEN. Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using tokens (SHAKEN) standards validate callers to ensure they originated from the number that’s displayed.
Take Proactive Security Measures for VoIP
Anytime you use a cloud-hosted third-party solution, you are depending on your provider to secure their software and network. If their security is compromised, it can deliver malicious payloads through their connection to you. It can also put your data at risk. More than 350 million customer records were exposed from one such breach of a VoIP provider.
If you are using a cloud solution for your telephony, make sure your provider follows best practices for cybersecurity.
6 Steps to Safeguard Your VoIP Systems
While there are a variety of different ways hackers can challenge the Security for VoIP systems, you can defeat most of them by employing these six simple steps.
- Use strong passwords and 2FA. Default passwords are easy to guess, and there are lists published on the internet. Unfortunately, many businesses never change their defaults. Change passwords regularly, require strong passwords, and two-factor authentication.
- Require end-to-end encryption. Encryption protects data packets in transit, reducing the potential for someone to eavesdrop on calls digitally.
- Use VPNs. Virtual private networks (VPNs) can enhance VoIP security by encrypting traffic. This is especially important for your remote or distributed workforce that may be connecting to your network through the public internet or WiFi.
- Close port 80. The web interface for VoIP phones uses HTTP, as does Port 80 on routers. Until you close port 80, your phone’s interface will display a public IP address that can easily be found.
- Disable international calling. Unless your organization does business internationally, disabling the ability to make international calls can block anyone from making overseas calls that can rack up significant charges.
- Monitor traffic. The best VoIP solutions will provide 24/7 monitoring to look for unusual traffic or anomalies that may signal you have been compromised.
Just like any system you deploy, you need to enact cybersecurity measures to limit your exposure and protect your assets. VoIP fraud is responsible for billions of dollars of damage globally, but too often, organizations do not employ the basic cybersecurity measures required to mitigate threats. If you get attacked, there’s little recourse. Unlike credit card fraud, which provides some protection under the law, VoIP fraud can lead to unrecoverable losses. You need to take proactive security measures and work with the best providers to stay secure.
As cybercriminals continue to evolve their techniques, it’s crucial to remain vigilant against all types of cybersecurity threats, including your VoIP solutions.
