Switching your telephone network to Voice over Internet Protocol (VoIP) has noticeable advantages. Users can experience stronger connectivity, significant cost reductions, and a centralized system. But what users also experience are new cybersecurity risks.
The question becomes, then, are VoIP savings worth the costs to security? VoIP can introduce new threats to your environment, requiring more security awareness training across your entire organization to reduce the risk of falling victim to malicious software and social engineering.
Here are 5 of the most common cybersecurity risks that you and your business need to be aware of when switching your telephone network to VoIP.
1. Distributed Denial of Service (DDoS) Attacks
DDoS attacks are an attempt to shut down a site or halt server traffic via an overwhelming surge in traffic. These types of attacks are a low-cost, low-skill way for cybercriminals to disrupt operations — which can be the endgame itself — or distract security teams from another attack happening behind the scenes.
Implementing a VoIP system can leave your Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports at risk. Ignore that risk, and they could be used as part of a DDoS attack. Hackers can overwhelm your VoIP server with Session Initiation Protocol (SIP) call-signaling messages. And they don’t even need to penetrate your whole network.
Instead, these messages flood your VoIP server with incomplete requests and consume all of the available bandwidth. Your system will slow down and, in some cases, might stop entirely due to the traffic.
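As an added example (not part of the original article), the following Python code flags the pattern described above: a source that opens many SIP calls in a short window and never completes them. The log format, the sample lines, and the thresholds are assumptions made for illustration, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque

WINDOW = 10.0         # seconds of INVITE history kept per source (assumed)
MAX_INVITES = 20      # INVITEs per source per window before flagging (assumed)
MIN_INCOMPLETE = 0.8  # share of calls never ACKed that marks a flood (assumed)

def build_sample_log():
    """Constructed lines: '<epoch> <source IP> <SIP method> <Call-ID>'."""
    lines = [
        "1700000000.0 192.0.2.10 INVITE call-a",
        "1700000001.2 192.0.2.10 ACK call-a",
        "1700000030.0 192.0.2.11 INVITE call-b",
        "1700000031.0 192.0.2.11 ACK call-b",
        "1700000035.0 192.0.2.12",  # truncated entry, must be skipped
    ]
    # One source opens 60 calls in about 6 seconds and completes none of them.
    lines += [f"{1700000040 + i * 0.1:.1f} 203.0.113.7 INVITE flood-{i}"
              for i in range(60)]
    return lines

def find_flood_sources(lines):
    """Return {source: stats} for sources that look like a SIP INVITE flood."""
    recent = defaultdict(deque)  # source -> INVITE timestamps inside WINDOW
    peak = defaultdict(int)      # source -> highest INVITE count in any window
    opened = defaultdict(set)    # source -> Call-IDs it started
    acked = defaultdict(set)     # source -> Call-IDs it completed with ACK
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = float(parts[0])
        except ValueError:
            continue
        src, method, call_id = parts[1], parts[2].upper(), parts[3]
        if method == "INVITE":
            q = recent[src]
            q.append(ts)
            while q and ts - q[0] > WINDOW:
                q.popleft()
            peak[src] = max(peak[src], len(q))
            opened[src].add(call_id)
        elif method == "ACK":
            acked[src].add(call_id)
    report = {}
    for src, calls in opened.items():
        incomplete = len(calls - acked[src])
        if peak[src] > MAX_INVITES and incomplete / len(calls) >= MIN_INCOMPLETE:
            report[src] = {"peak_invites": peak[src], "incomplete": incomplete}
    return report

if __name__ == "__main__":
    print(find_flood_sources(build_sample_log()))
```

Sources reported this way are candidates for rate limiting or blocking at the session border controller or firewall in front of the VoIP server.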
DDoS attacks are on the rise, and their popularity doesn’t seem to be flagging anytime soon. In fact, it’s estimated that there are 16 DDoS attacks every minute. Still, it’s only one of the major risks to using VoIP.
2. Malware
Malware can affect almost every item of technology your organization owns or operates. VoIP networks are no different. Most VoIP configurations utilize softphone technology – software which mimics the action of a telephone to place calls over the internet. This means that VoIP networks can be exposed to many varieties of malware. Malware can perform any number of unwanted system interruptions. It can sabotage valuable information, steal access to protected data, and take over an entire computer system.
Mobile malware is a significant issue with VoIP networks too, especially with the rise of remote work happening all over the globe. Away from the desk, many users make VoIP calls with their smartphones. Once malware infiltrates your smartphone, it can access — and steal — all sorts of valuable information.
3. Vishing
Vishing is a cybercrime combining voice calls with phishing attacks. So-called “voice phishing” uses multiple social engineering techniques, such as voice-altering software, text messages, and fraudulent phone numbers, to communicate with, and extract information from, potential victims.
If these techniques can trick employees into sharing information that is used to access protected networks, such as passwords, threat actors could effectively gain privileged access to your entire environment. Cybercriminals can even use these same techniques to trick suppliers and clients into sharing sensitive information.
Typically, VoIP vishing attacks begin with phishing, where the social engineer sends targets emails in bulk that appear legitimate, commonly impersonating a company or an authority figure. They’ll be warned of a threat to their account security and asked to call a number to discuss it.
Unbeknown to the user, that number will connect them to the hacker’s private VoIP branch. A prepared interactive voice response (IVR) will play, which mimics a conventional business system. Users will then be vulnerable to sharing account details, PIN codes, and more sensitive data.
4. Traffic Interception
Hacks don’t have to be elaborate to be effective for cybercriminals and damaging for their targets. Often, the attack takes the form of traffic interception and analysis. Tapping into the VoIP traffic (audio stream data packets that travel across the internet) is straightforward. Once that is done, attackers use easily obtained software to convert those packets into phone conversations.
In essence, hackers gain access to VoIP calls and listen in on them. This grants them unlimited access to all sorts of sensitive business information. Usually, they’ll be listening out for staff details and passwords. Perhaps they’ll hear account numbers, phone numbers, and other staff details. With that data, the hacker can access service plans, voicemail, and internal admin portals. Identity theft and VoIP service theft are easily done once hackers have this personal information.
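Intercepted audio can only be replayed when the media stream travels unencrypted, which is visible in the SDP body that SIP uses to negotiate each call. The following Python code is an added example, not part of the original article; it reports which streams in an SDP body are negotiated as plain RTP rather than SRTP. The sample SDP bodies are constructed and their key material is a placeholder.

```python
# Profiles that require SRTP; plain RTP/AVP carries audio unencrypted.
SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
KEYING_ATTRS = ("a=crypto:", "a=fingerprint:")

# Constructed SDP bodies (documentation addresses, placeholder keys).
SDP_CLEAR = "v=0\nc=IN IP4 192.0.2.10\nm=audio 49170 RTP/AVP 0 8\na=rtpmap:0 PCMU/8000\n"
SDP_SRTP = ("v=0\nc=IN IP4 192.0.2.10\na=fingerprint:sha-256 PLACEHOLDER\n"
            "m=audio 49172 UDP/TLS/RTP/SAVP 0\n")
SDP_MIXED = ("v=0\nc=IN IP4 192.0.2.10\nm=audio 49174 RTP/AVP 0\n"
             "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER\n"
             "m=video 0 RTP/AVP 96\n")

def audit_sdp(sdp):
    """Return (media, profile, verdict) for every active stream in an SDP body."""
    streams, session_keyed, in_media = [], False, False
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            fields = line[2:].split()
            if len(fields) < 3:
                continue  # malformed media line
            in_media = True
            streams.append({"media": fields[0], "port": fields[1].split("/")[0],
                            "proto": fields[2].upper(), "keyed": session_keyed})
        elif line.startswith(KEYING_ATTRS):
            if in_media:
                streams[-1]["keyed"] = True  # key offered for this stream only
            else:
                session_keyed = True         # session-level key covers all streams
    report = []
    for s in streams:
        if s["port"] == "0":
            continue  # port 0 means the stream is rejected or disabled
        if s["proto"] in SRTP_PROFILES:
            verdict = "srtp"
        elif s["keyed"]:
            # Keys offered under a plain RTP profile: the peer may still
            # answer without encryption, so treat it as not guaranteed.
            verdict = "opportunistic"
        else:
            verdict = "cleartext"
        report.append((s["media"], s["proto"], verdict))
    return report

if __name__ == "__main__":
    for name, body in [("clear", SDP_CLEAR), ("srtp", SDP_SRTP), ("mixed", SDP_MIXED)]:
        print(name, audit_sdp(body))
```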
5. Spam Over Internet Telephony (SPIT)
Interpersonal communication and spam go hand-in-hand. Whether it’s junk mail in your physical inbox, malware-laden messages in your virtual one, or an endless parade of calls telling you that your car warranty has expired, you can’t escape spam.
Spam is designed to advertise on a huge scale. But dangerous phishing schemes are often hidden within spam content as well. VoIP spam is no different. Each VoIP system has a unique IP address. That means that yours does, too. This allows spammers to capture thousands of IP addresses and bombard each of them with as many messages and voicemails as they like.
When VoIP spam arrives, it’s usually in the form of voicemail. And that spam arrives on your VoIP system with one of two intentions.
First, it could be a simple marketing ploy, where your voicemail is flooded with hundreds – perhaps thousands – of messages overnight. This mass-advertising campaign is not just frustrating, it renders your voicemail useless. But these spam messages could also be social engineering scams hoping to trick employees into exposing valuable business information.
Proactive Protection Against VoIP Attacks with Arctic Wolf
VoIP is a cost-effective, comprehensive way for organizations all over the world to stay connected. But it also introduces more risk to your environment. Thankfully, there are ways to protect yourself from attack in the first place, and ways to mitigate the damage should an attack occur.
Managed Security Awareness®
Arctic Wolf Managed Security Awareness prepares your employees to recognize and neutralize social engineering attacks and human error — helping to end cyber risk at your organization. It addresses the most common cyberthreats by influencing behavior and fostering a security culture, empowering employees to identify cyber risks like phishing and vishing, and report mistakes that could expose sensitive data.
Arctic Wolf® Incident Response
Arctic Wolf Incident Response, formerly Tetra Defense, is a trusted leader in incident response (IR), leveraging an elastic framework that enables rapid remediation to any cyber emergency at scale. Valued for breadth of IR capabilities, technical depth of incident investigators, and exceptional service provided throughout IR engagements, Arctic Wolf Incident Response is a preferred partner of cyber insurance carriers.