The Top Five Security Concerns For IP PBX and VoIP

What is the most significant security concern for this year?  With social media attacks growing in number, DDoS attacks begin to become more sophisticated, and the Internet of Things (IoT) is a real threat.  The greatest concern is cybersecurity; however, this is nothing new.  According to an article by PCWorld, there are five top security threats to companies of all sizes:

The Top Five Security Concerns For IP PBX and VoIP

#1:  Internet Of Things (IoT)

Based on the Internet of Things, we are now seeing a plethora of devices connecting and gathering all types of information from users being fed directly into the cloud-based data repositories.  As a result, businesses utilising the connected automation devices face significant risks by the Internet of Things.

#2:  DDoS Attacks

DDoS Attacks, also known as distributed denial of service, refer to the rendering of a networked device or network that is unavailable to legitimate users.  This is done via various measures that include, but are not limited to, exploitation of TCP/IP limitations, ICMP flooding, and peer-to-peer attacks.

#3:  Social Media Attacks

Based on a report by Proofpoint, one of the latest and most advanced global cybersecurity firms, it is expected in 2015 that there will be an approximately 400% increase in the level of malicious content posted on social media platforms.  This is posted with the aim of getting users to distribute malware inadvertently.

#4:  Mobile Malware

The potential for leveraging tablets and smartphones for major mobile attacks is on the horizon, particularly in BYOD environments.

#5:  Third Party Attacks

Third-party providers and contractors can provide large holes in cybersecurity systems, as is seen in Home Depot and Target.

While the threats of cybersecurity attacks are looming for large enterprise-level network teams, the majority of companies are not as concerned with cybersecurity as they should be.  Using limited resources, technology and teams may be growing long in the tooth; however, smaller teams can assist in focusing on security to build the company’s level of protection.

What About Network Admins Who Are Focused More On Internal Network Security Threats?

If you have a responsibility for the company’s network security, but you do not have any resources to cover the security measures, you are more than likely concerned with the following:

#1:  DDoS

Never think that your business is too small for a cyber attack.  According to a survey by Kaspersky Lab, approximately 21% of all companies reported malware with 22% reporting hacking as the top threats to their business.  While attacks are important to consider, they are not to be viewed in isolation.  A report by Verisign indicated that the size of the attacks were on the increase.  For instance, a company with one or two gigabytes per second of upstream bandwidth could be disabled by an attack of five to ten gigabytes per second.  In last year’s second quarter, attacks of this level were increased by approximately 33% based on this report.

#2:  The Malformed Packet

Attackers are able to crash applications and render hardware unresponsive to users by sending defective or malformed packets.

#3:  Toll Fraud

One of the simplest means of conducting a cybersecurity attack is via toll fraud.  According to a report in 2013 toll fraud cost small companies across the globe approximately $4.73 billion.  VOIP security specialist Mark Collier stated that new and unsecured systems are the most common victims of toll fraud.

What Is The Most Effective Security Measure You Can Use?

#1:  Installation Of A Session Border Controller

By installing a session border controller, also known as an SBC, your VoIP infrastructure will become more secure.  Moreover, it will increase the level of integration with numerous SIP-based equipment from various vendors.  This session border controller operates by controlling signals and media streaming of all VoIP calls with videos, chats and other media interaction between people on networks.  You can gain more information about the session border controllers with this article.

A session border controller can improve a person’s VoIP or network security in these five separate ways:

  • preventing the system from becoming an entry point for attackers and toll fraud infiltration
  • encryption of voice channels to avoid the chance of eavesdropping when using public networks
  • measuring the level of traffic from each device’s source, as well as blocking any unusual levels directly at the kernel level
  • detection and blocking of any malformed packets
  • reducing the number of concurrent calls a consumer can make; thereby, minimising the chance of toll fraud

The SBC can prevent systems from becoming entry points for attackers, and Unified Communications systems tend to use session initiation protocol to develop, manage and eliminate IP-based sessions.  The session initiation protocol, also known as SIP messages, make their way through the network with each node adding a “via” field to the packet.  Once the packet leaves the network, there is a log of fields indicating the route the packet has followed.  This route or log can indicate to attackers the structure of the network beyond the firewall; thereby, allowing the attacker to develop attacks and commit fraud.

The SBC can manage security and control the call meaning that the call will be ended on one side of the border, but then reinitiated on the other side.  SBC removes all of the “via” fields from any SIP packets replacing them with single fields.  As the packets appear to stem from the SBC, the topology of the network is fully hidden from attackers.

One of the items handled through the use of transport layer security, also known as TLS, is to protect any signalling online via voice encryption.  Secure real-time transport protocol can also be utilised for voice media.  The advanced session border controllers utilise hardware-based transcoding systems which apply levels of encryption; therefore, freeing up the server to manage increased volumes of calls.  This improves the economic use of the SBC server and provides an improved level of voice encryption.

Unauthorized use of this service can be managed by placing SBC policies in place but only allowing interactions between known SIP points.

Leave a Comment