Speaking about VoIP technology is based on IP technology and uses the Internet, it also inherits all of its vulnerabilities. The consequences of these attacks, multiplied by vulnerabilities, which follow from the peculiarities of the VoIP network structure, make one think about ways to enhance protection and carefully analyze the existing IP network. Moreover, the addition of any new phone service, for example, voicemail to an inadequately protected infrastructure can trigger the emergence of new vulnerabilities. First of all, we need to figure out what security problems can appear with IP-telephony.
Possible thunders in IP telephony
Unfortunately, IP telephony is widely open for hackers’ attacks. Cyberattack to IP networks can be headed to digital voice transmission networks.We can face to such types of attacks to your IP telephony as:
- Data interception;
- IP spoofing;
- Breaking of SIP telephony equipment;
- Attacks to IP PBX (Asterisk, FreeSwitch);
- RTP wiretapping.
Data interception is quite big problem as for traditional telephony as for IP telephony. The main reason of this trouble exists because of unsafe methods of reserving your authorization data. It can be transmitted via such things as email, any messenger etc. So first, you need to keep your passwords and logins in very secure place as for example KeePass. Do not make your data visible to public, because then you can receive very sad invoice about lots of calls made by someone else.
IP spoofing. For communicating with a subscriber in a conventional telephone network, you need to know its number, and in IP-telephony, the role of the telephone number is performed by the IP address. Consequently, it is possible for hacker, using the substitution of the address, impersonates the subscriber you want. That's why the task of providing authentication is paid attention in all VoIP standards.
Breaking of SIP telephony equipment. Most administrators or users setting any equipment forget about such important thing as changing factory settings and access to a dashboard. There are also the trying of breaking like seeking the vulnerabilities in equipment software. So then, the hacker has total access to all your equipment. The solution is one to change factory standard settings.
Attacks to IP-PBX. Many companies creating call-centers or sales department use various insecure softs in communication with customers, colleagues or business partners. The reasons for such attacks are the troubles in IP PBX configuration, vulnerabilities in IP PBX, session interception, spoofing client connection into hacker’s and making calls.
It is necessary to protect the network connection by setting up a firewall-gateway to audit client connections, remove unnecessary (not used), install complex passwords for authorization / registration, check the configuration of the IP-PBX for the existence of default rules that allow one or another way to resolve external uncontrolled impact.
Wire taping. In this case, it is enough for an hacker to intercept the traffic in any place between your IP-PBX and the operator's connection. In the future, with the help of the traffic analyzer (wireshark) it will only be necessary to "assemble" the received packets and receive an audio recording of all intercepted conversations.
How to save your IP telephony
In order to keep your IP telephony system safe, you should follow the next recommendations we want to present in a list below:
- Don’t make your data visible to public;
- Change your password periodically and make it stronger;
- Change standard passwords;
- Check the configuration of your IP PBX;
- Check customer connection;
- Use VPN connection for registration of your client IP PBX via Internet.
These are some important troubles connected to security of IP telephony. If you care about safe telecommunication with your customers, business partners, keep the security of your access (passwords, logins), technical equipment etc.