Modern IP Communication bears risks

How to protect your business from cyber attacks

Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure also carries risks affecting the security and integrity of your IP services. As IT networks are targeted by attackers, insufficient prevention can endanger not only the network but your telecommunication infrastructure that is built on top of it. This page and our VoIP security white paper aim to educate you about possible risks, common attacks and how to prevent them.

Network meets VoIP

Analog and ISDN phone systems are connected to the public switched telephone network (PSTN) but usually not to the internet. IP phone systems on the other hand, are more vulnerable as they are connected to the internet through the local network (LAN) or directly through the SIP protocol. If the phone system is connected to the service provider (ISP) through the SIP protocol, it should access the internet through a firewall.

Even if an IP phone system is not directly connected to the internet, it can still be attacked through the LAN. Therefore, all IP devices and the access to your router, ISP and IP devices need to be secured at best. Potential mistakes include a direct connection of the IP phone system to the internet, having a public IP address or certain firewalls being open. We strongly advise to not do this!

Common cyber attacks

There are many forms of cyber attacks that take advantage of different security breaches. Contrary to ISDN and analog telephony, eavesdropping of IP phone calls is much easier as separate access to physical phone lines is no longer required. Potential targets usually include user names and passwords but also social and business contacts. Often, eavesdropping is only the first step towards further abuse such as hijacking, fraud or Spam-over-Internet-Telephony (SPIT).

Beside misusing a hijacked system, another aim may be Denial-of-Service (DOS). DOS, or Distributed DOS (DDOS) attacks aim for malfunction of system operations or even complete system failure. Typically, targeted systems are flooded and eventually overloaded with request or response packages, stressing bandwidth and resources. As there are many different forms of cyber attacks, different security measures need to be implemented to protect both your network and IP telephony.

Security measures

When it comes to network security, there is not one simple solution. As there is a wide range of different cyber attacks, different security measures need to be implemented to secure your IP network and telephony at best. Generally, a company guideline should be defined and strictly implemented to guarantee network safety. This guideline should cover the measures listed in our white paper and be regularly reviewed and updated. Beside the IP phone system, all other relevant network components need to be secured as well even if they are not directly connected to the internet.