Moving to VoIP can offer businesses many benefits. But there are risks too, as with any internet-based technology it can be open to cyberattacks and you therefore need to take steps to safeguard your VoIP system from threats.
VoIP wholesale carrier attacks
There are four main types of attack to which VoIP services can be subjected. The first is distributed denial of service (DDoS) attacks which seek to disrupt the service and make it unusable, this harming your business. The second is service infiltration, where hackers try to use your system for their purposes, to make calls on your account, for example, or to try to get you to connect to premium rate services from which they profit.
Thirdly there’s interception and tampering. This involves the hacker either listening in to the call or transmitting information that interferes with the call quality or could lead to calls dropping out. Finally, as with any computer-based system, VoIP is subject to the unwelcome attention of malware and viruses. These can allow the hackers to take control of your system by opening up a back door, or allow them to steal sensitive data and disrupt the system.
VoIP protection measures
While all of the above may sound fairly alarming, there are some measures that you can take to protect your VoIP systems and ensure that they remain safe and secure.
As with any computer system, it’s vital to have antivirus software installed and to keep it up to date so that it can identify the latest threats. Many of the most modern systems now use behavioural analysis to spot malware-like behaviour and therefore can guard against zero-day threats that haven’t yet made it onto signature detection databases.
You also need a firewall between your hardware and the internet. However, many older firewalls don’t work well with VoIP traffic and can cause disruption to the service. You must, therefore, get a firewall that is VoIP-friendly and allows call traffic to pass through, while still being able to block suspicious activity.
One of the most common methods that hackers will use to try to access VoIP systems is using stolen credentials. You must make your staff aware of the risks posed by phishing attacks aimed at getting hold of their passwords. Make sure that strong passwords are used and if you have remote users, they should connect via a VPN. It’s also worth setting up call restrictions so that only authorised users can call overseas, for example. You might also choose to block codes for certain countries or for premium rate numbers to prevent abuse of the system.
It’s worth performing a regular audit of activity on your VoIP system. This will give you early warning of any potential abuse by insiders or other suspicious activity.
If you handle confidential information then it’s also worth talking to your service provider about encryption for your VoIP service. This means that even if call packets are intercepted, they will be useless to the attacker.
