As with any device on your network, care should be taken when selecting, installing, and using Voice Over IP (VOIP) phones. Beyond the basic security protocols you should be using for any device on your network, be sure to use a reputable service provider that has a robust and redundant network.
Since VOIP technology relies on the internet to process calls, it is inherently vulnerable to common attacks. Further, since these devices require network credentials and access to your network, they can make you company more vulnerable to attack. The most common threats we find are:
- Call Tampering
- Not only will hackers attempt to deny service, but they may also try to disrupt the calls you’re on. They can slow down the network and make call quality unstable. In some severe cases, they can even listen in.
- A form of Phishing where attackers mimic a valid number to trick users into thinking the call is legitimate. They can they gain information that could eventually lead to further security breaches.
- A form of call tampering, Distributed Denial of Service attacks are when a network is overwhelmed by data that utilizes all available bandwidth. While this can be disruptive to any network operation, it would be impossible to make or receive VOIP calls during an attack.
- Malware and Virus
- As with any system connected to the internet, VOIP phones are susceptible to viruses, malware, and other harmful programs. Once infected, attackers can gain access to the system and other devices on your network.
- Voice over Misconfigured Internet Telephones is a way for hackers to take voice packets and other call information during your calls. They can potentially eavesdrop on the call, learn where the call originated, and harvest other sensitive information.
- Once an attacker has access to either the network or device, they may be able to listen in to all calls, gaining access to personal and sensitive information.
- An attacker could gain access to your system and send voicemails/robocalls to thousands of people each day. With your legitimate identifiers, they pass themselves off as genuine, bypassing typically spam blocking technologies.
70% percent of organizations surveyed by Corero said they experience 20-50 DDoS (distributed denial-of-service) attacks per month.2
Although most of them aren’t successful, the growing problem is that with powerful machines, specialized tools, and much better bandwidth than ever before, cybercriminals can now launch DDoS attacks much faster and cheaper. This means that companies of all size are at risk.
So what can be done?
As with all your network devices, use a strong and unique password. While inconvenient, each VOIP device should have its own username and password. If available, using Multi-Factor Authentication (MFA) will protect you even further.
Perform system updates regularly. Just like there are patches available for your workstations and servers, most VOIP devices require system updates from the manufacturer or service provider. These should be applied regularly to all VOIP devices on your network. While these updates often require a reboot, keeping up to date will minimize your risk.
Monitor call logs for suspicious patterns or anything out of the ordinary. Calls made outside working hours or to overseas locations may be the first signs of a breach.
Require VPN connectivity for remote users. Insecure WiFi is a threat to any device on the network, and VOIP devices are no exception. While it may be easy to connect to any available network, company policy and best practice should require a secure connection every time.
Select a reputable service provider that offers call encryption, network redundancy, and support.
Overall, VOIP devices are safe and efficient communication tools, as long as they are configured properly, updated regularly, and on a secure network.
As you make changes to your VOIP network or decide to replace or update your VOIP devices, we recommend contacting an IT Asset Disposition (ITAD) specialist for proper disposal
As mentioned earlier, these devices have network access and credentials. They may also store contact information for clients and other users. Care should be taken to ensure they are properly wiped so your information isn’t inadvertently accessible to others or used maliciously after you’ve discarded the equipment. Your ITAD specialist will ensure that all stored network information, credentials, and call logging information is securely destroyed.