CXtec Knowledge Base

VoIP Security Threats

Voice over Internet Protocol (VoIP) is based on a system of transmitting voice data across networks via "data packets." The power of the Internet enables IP telephony to offer a variety of call-management solutions at bargain prices. The major disadvantage to VoIP is that these telephone systems face the same types of security threats that are detrimental to business networks and computers. Numerous experts are convinced that security issues are the most serious problem that VoIP users face.

Types of threats

There are many different kinds of VoIP security threats. The most common are:

• Distributed denial of service (DDoS) attacks - usually target websites, but they can also be used to destroy a VoIP system. By inundating the network with bogus data (e.g., automated spam calls), hackers hope to slow down the deliverance of VoIP calls or prevent them from getting through entirely.

• Snooping - depending on the service, some VoIP calls are susceptible to snooping at certain points en route to their destination. Hackers who are capable of accessing the network and possess a packet-sniffing program, which can be downloaded from the web, are able to eavesdrop and even record conversations. Some companies run their VoIP networks over a private backbone, but this same snooping software may still be able to pose a threat.
• Spam over Internet Telephone (SPIT) - SPIT has not quite become a significant cause for concern, but it may one day be as bothersome as email spam. There have been very few SPIT reports to make the news, but computer-generated political and credit card calls are beginning to test the limits of what is ethical.
• Vishing - like email phishing, "vishers" set their sights on VoIP subscribers, hoping to suck them into phony moneymaking opportunities or trick them into revealing credit card numbers or other private information. Like SPIT, vishing is not currently a problem, but it is one that could potentially spiral out of control.
• Direct Hack - like any computer system, VoIP networks may be compromised by a direct hack due to loopholes in the network. Luckily, there are people monitoring such underhanded activity, and they are able to send out patches for quick fixes. Normally, a fix becomes available a couple days after the problem is discovered.

Browse by Subject Matter

• Usage
  • VoIP Overview
  • Security Threats
  • Implementation and Security
  • Accessibility and Portability
  • Reliability
  • Quality of Service
  • Small Business (turn-key)
  • Enterprise Systems
• Features
  • Caller ID
  • Conferencing
  • Emergency Calls 911
  • VoIM
  • Faxing
  • Telephone Operating Companies

• Cellular
• Wireless (DECT)
• Satellite
• Private Branch Exchange (PBX)
• Dialing Methods
  • Rotary
  • DTMF
  • Touch Tone Dialing (TTD)
  • Telecommunications Device for the Deaf (TDD)
• Conferencing Systems
• Enterprise Telephony Platforms