We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Future security threats ’will target VoIP’

It’s the next big risk

While many issues remain unsettled in the area of VoIP (voice over internet protocol) technology, IT security experts believe that it could be the next major target for various attacks.

During his presentation in the recent MediaConnect security forum, Nigel Stewart, McAfee regional sales manager for Southeast Asia and India, said that although no high-profile cases have been recorded yet, VoIP would eventually become the target for hackers and malicious code writers.

VoIP is a category of hardware and software that enables its users to utilise the internet as the transmission medium for telephone calls. Voice data is sent in packets rather than by traditional Pots (plain old telephone system) circuits.

One advantage of VoIP is that the telephone calls over the internet do not incur a surcharge beyond what the user is paying for internet access, much in the same way that the user doesn't pay for sending individual emails over the web.

“Its growing adoption from both the business and consumer side will make [VoIP] attractive for exploitation,” Stewart added.

McAfee believes that VoIP attacks would most likely take advantage of the various layers of the technology such as the transmission layer or hardware devices used to make calls.

“For the moment, VoIP security does not appear to be at the forefront of IT managers' minds,” said Stewart. “But it is definitely something people should consider and be prepared for.”

On the other hand, VoIP is also vulnerable to becoming a target for spammers, added Andy Lake, MessageLabs director of partners.

Both experts believe that VoIP is still pretty much a closed structure since almost no company exposes their VoIP system to the internet. However, by the time companies start publicising their SIP (session initiation protocol) addresses used in VoIP communications on business cards and websites, security will become essential.

“I really don't think people should be deploying VoIP unless they have the necessary security in place,” said Lake “Even if I haven't heard about any of these abuses actually happening, eavesdropping from a competitive advantage standpoint could be a major disadvantage for any user.”

Experts recommend the use of such security appliances as firewalls that are specifically designed to filter VoIP traffic for suspicious patterns and drop those connections.

IT managers should not assume that because their data networks are protected, adding voice to their systems will be secure, as well.

“Administrators may mistakenly assume that since digitised voice travels in packets, they can simply plug VoIP components into their already-secured networks and remain secure,” said Stewart. “However, the process is not that simple.”

“It would be good if in addition to installing specific products that can weed out suspicious VoIP traffic, companies should consider how their VoIP networks play in their overall security efforts, said Matthew Guide, Sales Director for Asia Pacific at SurfControl, a web and email filtering provider.

For more information, our sister site Techworld has a comprehensive VoIP resource page.

IDG UK Sites

How to get a free EE Power Bar: Mobile and broadband customers eligible for free smartphone charger

IDG UK Sites

Why Netflix won't terminate your account for using a VPN, probably

IDG UK Sites

Forever 21 denies pirating Adobe, Autodesk and Corel software, accuses companies of 'bullying'

IDG UK Sites

New Apple TV 2015 release date rumours: Apple's WWDC invite shows Apple TV