“A hacker broke into my VoIP network, gained access to sensitive information, and compromised my business.”
– Unprotected Business OwnerIs this possible? Can you trust your Voice over Internet Protocol (VoIP) network?
At its heart, a VoIP system is a data network. This means VoIP deployments are vulnerable to the same internal and external threats that plague any enterprise data on local area networks (LAN) or wide area networks (WAN). “As data networks get compromised due to rising malicious threats, voice over IP networks appear to have a similar fate,” said Joe Wang, CEO, WatchGuard Technologies. VoIP’s popularity and usage, deservedly so, is reaching a crescendo as excess bandwidth, feature-rich software and high-performance hardware drive this technology forward. Most VoIP users and advocates prefer to ignore the ugly fact that an evolving threat landscape, along with security gaps in the ubiquitous technology, threaten to wreak havoc in a multitude of insidious ways – looming as a new and substantive threat vector to businesses worldwide.
Today, VoIP has emerged as a mainstream communications tool that many businesses are integrating into their networks. Recently published reports predict that nearly 75 per cent of all corporate phone lines will be using Voice over IP (VoIP) in the next two years. By then, half of all small-to-medium sized businesses and two-thirds of all enterprise organisations are expected to be using VoIP. By year end, the global total number of VoIP subscribers (residential and commercial) is expected to reach nearly 100 million users. Unfortunately, the usage and popularity of such new technologies brings new security concerns. What are the threats that have the ability to put your business at risk?
“With converging networks and the adoption of VoIP, businesses need sophisticated security architecture and infrastructure to combat this menace and ensure customers, users and data are not left at the mercy of VoIP threats,” Wang continued.
WatchGuard, an advanced technology leader of network-security solutions, details some of the leading VoIP threats that consumers should be wary of to ensure they have the most proficient VoIP security solutions in place:
Denial of Service (DoS): Similar to DoS attacks on data networks, VoIP DoS attacks leverage the same tactic of running multiple-packet streams, such as call requests and registrations, to the point where VoIP services fail. These types of attack often target Session Initiation Protocol (SIP) extensions that ultimately exhaust VoIP server resources, which cause busy signals or disconnects.
Spam over Internet Telephony (SPIT): Much like the majority of email spam, SPIT can be generated in a similar way with botnets that target millions of VoIP users from compromised systems. Similar to junk mail, SPIT messages can slow system performance, log voicemail boxes, and inhibit user productivity.
Voice Service Theft: VoIP service theft can happen when an unauthorised user gains access to a VoIP network – usually by way of a valid user name and password – or gains physical access to a VoIP device, and initiates outbound calls. Often, these are international phone calls to take advantage of VoIP’s toll by-pass capabilities.
Registration Hijacking: A SIP registration hijack takes place when a hacker disables a valid user’s SIP registration, and replaces it with the hacker’s IP address. This allows the hacker to then intercept incoming calls and re-route, replay or terminate calls as he/she wishes.
Eavesdropping: Like data packets, voice packets are subject to man-in-the-middle attacks where a hacker spoofs the MAC address of two parties, and forces VoIP packets to flow through the hacker’s system. By doing so, the hacker can then reassemble voice packets and literally listen in to real-time conversations. From this type of attack, hackers can also steal sensitive data and information, such as user names, passwords, and VoIP system information.
Directory Harvesting: VoIP directory-harvesting attacks occur when attackers attempt to find valid VoIP addresses by conducting “brute force” attacks on a network. When a hacker sends thousands of VoIP addresses to a particular VoIP domain, most of the VoIP addresses will “bounce back” as invalid; but from those that are not returned, the hacker can identify valid VoIP addresses. By harvesting the VoIP user directory, the hacker then gains a new list of VoIP subscribers that can be new targets to other VoIP threats, such as SPIT or vishing attacks.
Vishing (Voice Phishing): Vishing mimics traditional forms of phishing – attempts to get users to divulge personal and sensitive information, such as user names, account numbers and passwords. The con works by spamming or “spitting” users and luring them to call their bank or service provider to verify account information. Once valid-user information is given, criminals are free to sell this data to others, or in many cases, directly siphon funds from credit cards or bank accounts.
WatchGuard Technologies recognises that as more enterprise and mid-market businesses adopt VoIP, they open themselves to a new series of VoIP protocol exploits. As cybercriminals show no signs of loosening their grip on unsuspecting VoIP users, and network-security specialists warn consumers to be vigilant, there is a pressing need to ensure that your VoIP networks are secure. By utilising a host of high-security technologies, including network address translation, port obfuscation, and SIP and H.323 proxies, WatchGuard’s extensible threat management (XTM) solutions provide unparalleled network security against a myriad of threats, thwarting would-be attackers of VoIP and network systems. It’s never too late to reduce threats, cut administrative costs, and keep your networks clean and running and free from untoward attacks.
WatchGuard Technologies
