Every device and service are in part responsible for providing a secure VoIP solution, but there are a few different ways to deploy a secure VoIP solution.
Traditional telephony delivered via analog or digital involves transmission over some physical medium. Security attacks to traditional telephony such as eavesdropping, require physical presence with access to the physical lines.
Toll Fraud over traditional telephony has several forms, one common attack was to hairpin telecom traffic. This is when inbound calls into a voice network were sent back out to an alternate destination. Now that Voice Networking has merged with Computer Networking there’s an “End of Geography”. Physical presence is no longer required to gain access to a voice system. Computer Networking is an OPEN network system, as any IP Address can connect with any other IP Address.
IP Protocol (IPv4 RFC 791 & IPv6 RFC 8200) and IP Addresses are fundamental in both public and private networks used in everyday communications for both voice and data. This leads to computer networking attacks having tremendously more access and tools available to conduct malicious attacks on VoIP infrastructures.
The hackers’ objective is to search through the range of IPv4 and IPv6 IP Addresses looking for VoIP Services to target with other forms of attacks. Once a VoIP Service is discovered, other types of attacks can then follow. It’s best to understand the tools and methods used to discover VoIP Services and simply detect these methods and not acknowledge the VoIP Service back to the hacker. If the hacker does not know there’s VoIP service, they’re most likely going to overlook and move on.
If you enjoyed this blog, and would like to learn more about Security Best Practices for VoIP, download our whitepaper here: sangoma.com/voip-security-best-practices/