Jun 17, 2010

What Are the Security Issues With VoIP?

VoIP is a convenient and sometimes free method of communicating with family members, friends, coworkers and business clients. It allows the use high-speed Internet access to contact individuals anywhere they can access the Internet. That these calls are being made over the Internet does leave that connection vulnerable to many security issues.

Identity Theft


  • The most prevalent security hazard for VoIP users has to do with identity theft and Vishing (VoIP phishing). Most hackers who use vishing do so to make free calls, but also some use the method to initiate identity theft. The theft can occur when the VoIP of a trusted source, such as a bank, employer or another third party, is hijacked. The hijacker then contacts clients and customers to gain sensitive information to access bank accounts or restricted files.



  • Call Hacking


  • If a VoIP system is not secured correctly with a firewall and other security measures, the call can be tapped into, creating a loss of privacy. During the hacking, the hacker could gain the ability to access to banking information, change calling plans and even take over the actual service. For business users this can lead to not only a loss of communication abilities, but to a possible financial loss as well. A customer or client may be talking to companies over the phone while exchanging sensitive financial, medical, and even security information. Call hacking is a very serious threat.



  • DoS (Denial of Service)


  • Denial of service attacks can occur over any VoIP system and overload the associated network. By flooding the VoIP with unnecessary call conferencing prompts or call-signaling messages, the DoS attack brings all call processing to a halt. The attacker can then gain access to the administrative functions of the system. At that point the hacker has access to the data on the network and can cause severe damage to a company's productivity. The financial impact of reacquiring network services, data and reestablishing proper security can be a heavy burden for some companies.



  • SPIT


  • SPIT, which stands for Spam over Internet Protocol, is a lesser but growing threat for VoIP systems. Every VoIP address has a set IP address in which spammers can send voice mails packed with viruses and other malicious software to unwary recipients. The voice mails can create a identity theft and vishing opportunity, but also can cause distortion with other calls because of the heavy bandwidth the barrage of voice mails use. The degradation of call quality creates a nuisance as well, because of the lack of clarity during the conversations.



  • No comments:

    Post a Comment