VoIP: Identifying Risks and Staying Safe
Using VoIP (Voice over Internet Protocol) has become mainstream practice for many people operating on the global stage, enabling free long distance phone calls and effectively revolutionising the way we can communicate.
But no technology is without its risks, no matter how efficient, and, as always, your cyber security must be of the utmost importance. Understanding and being able to identify the potential risks is vital, as is ensuring you put yourself in the best position to avoid the chances of a cyber attack.
What is VoIP and How Does it Work?
The simplest way to describe how VoIP works is that it takes analog audio signals (aka your voice), turns them into digital signals and then transmits them via a broadband internet connection. What it means is that anyone with an internet connection can get around the phone companies and their pesky high charges to make free phone calls.
For a business or individual to whom communication with clients and colleagues is key (and let’s face it, that’s pretty much everyone), it can make a huge difference in terms of costs and convenience.
There are, of course, advantages and disadvantages.
You need a computer and broadband internet connection
You need a specialised phone or adaptor
It can offer specialised features not available on traditional phone (or are fee based)
You can avoid paying phone line charges
You may be able to speak with multiple people at one time
It may not work during power outages
It may not connect directly to emergency services
It may not offer directory assistance
Understanding Potential Risks and Threats
If you’re considering (or are already) using VoIP, it’s imperative you consider the security of your communications and data (that’s where we come in at Defended Solutions). Whenever you use the internet you face a certain amount of risk from data breaches or cyber attacks, but by understanding what they can be you’ll be able to implement a plan to mitigate it and reduce the disruption such instances can cause.
Listening in: Yes, just as in ‘real life’, hackers can and do attempt to eavesdrop on your conversations via VoIP - in fact this is the most prevalent threat. The main problem with criminals intercepting audio streams is identity theft.
Denial of Service: A DOS attack can slow down or completely stop both outgoing and incoming calls by basically jamming the system with their own call signal messages and using up all your bandwidth. There’s also a possibility of the hackers being able to take control of your system.
Vishing: Most people have heard of phishing and ‘vishing’ is the VoIP equivalent of this. Cybercriminals pose as you and trick people into giving up their sensitive data on the pretext that they’re dealing with a reputable company or individual. This is particularly troublesome for financial services.
Phreaking: Like vishing, phreaking is a slang term that’s become mainstream thanks to unscrupulous cyber criminals targeting telecommunication systems. Phreaking can encompass things like hackers stealing passwords, recording conversations and getting into a phone system account and utilising it for their own malicious purposes.
How to Reduce the Chance of Attack
Unfortunately, the risk of cyber attack is ever-present and, as long as the internet exists, there will no doubt be those looking to profit or cause damage to your reputation by malicious means. But you shouldn’t avoid using technology like VoIP, because there are countless things you can do to make sure you put yourself in the best possible position to avoid an attack from cyber criminals and hackers.
Put a management strategy in place: If you’re going to use VoIP, make sure that your network monitoring software can support it. You may need to put in place some new protocols in terms of how you use your bandwidth, as well as ensuring that all your software, apps and other tools are optimized/integrated.
Make sure your network can handle it: This is really a case of if you’re going to do something, make sure you do it properly. There’s no point using VoIP if your bandwidth or prioritization of service doesn’t support good call quality and impeccable security. Ensure that your network architecture is compatible with the VoIP system you choose and bear in mind this might require investing in some different/new hardware.
Consider a second broadband provider: In the event of a DOS attack or outage, having the security and backup of a second provider can give you huge peace of mind and practical advantages. If you experience an attack or outage from one provider, you’ll still be able to make and receive calls by using the other. When things are going well you can simply spread the load over both with no disadvantage, and in the event of something bad happening, you can switch to using just one until the breach is rectified.
Invest in staff training: It’s a wise idea to appoint a dedicated VoIP IT specialist in-house, who should intimately understand the technology and its ramifications, including the risks. By having someone accountable for your voice communications, they’ll be able to have a ‘big picture’ view across the company to make sure the technology is working for everyone and that security protocols are maintained at all levels.
Get expert security: Protecting your comms network is, naturally, your own responsibility to a high degree, but calling in the experts can vastly reduce your risk of ‘man in the middle’ or hijacking attacks, because we have the skills and know-how to help. When it comes to the protection of your digital data and communications, having the back-up, superior technical experience and global reach of Depended Solutions offers the best peace of mind money can buy.
