Are you using Voice over Internet Protocol (VoIP) services for your organisation’s communications? It’s certainly a very cost effective, flexible and scalable network solution for businesses big and small. However, as with any other online technology, VoIP can be a target for hackers and cyberattack, exposing organisations to fraud and other threats.
UK businesses appear to be particularly prone to this kind of cyberthreat. A study by cybersecurity experts Nettitude observed a large amount of VoIP attacks worldwide in the first quarter of last year, with the majority against UK servers. 88 per cent of these attacks took place out of regular working hours, and many started just minutes after a new server went live.
Until recently there was a general lack of awareness about these kinds of attacks and the impact on businesses, in this post we hope to address this and provide some support for those organisations that are vulnerable to attack.
Common threats to your VoIP system
The following categories of threats have been identified by the Voice over IP Security Alliance (VOIPSA):
Social threats: Social threats can be interpreted as the misrepresentation of identity, authority, rights and content.
Eavesdropping: In this threat category, malicious users are able to monitor VoIP communications between two or more VoIP end points.
Interception and modification: This category refers to threats where a malicious user may have full access to the communication signal between two or more parties.
Service abuse: This category is one of the most common amongst attackers. Premium Rate Service (PRS) fraud is becoming more and more prevalent.