Cyber-security should always be a priority. At this point, security risks are growing every day. A company should always make sure they know the risks they’re faced with and should always protect themselves against them.

Most Common Threats

Eavesdropping   

Eavesdropping is almost exactly how it sounds. Without any authorisation, audio streams can get intercepted. This leaves any spoken information at potential risk. Usually, data collected from eavesdropping is used for identity theft, but this isn’t always the case.   

However, eavesdropping isn’t only subjected to VoIP. Traditional public telephone calls can also be breached. The only things that change are the tools needed for it and the protection against.   
The attacker uses a software (packet capture tools) that obtains the unencrypted VoIP traffic. This makes any conversation very easy to access and exploit.   

Vishing   

Now, you may have heard of Phishing which is a similar type of risk. Vishing uses voice - rather than email - to trick the recipients into giving away their sensitive information.    

The attacker will pretend to be part of a creditable organisation, such as your bank. They will then ask you questions that could involve your credit card numbers or passwords. Questions like this will never be asked by the real organisation.  


Phreaking   

This is a type of call fraud. Attackers break into your telecommunication system to obtain free calls from the service provider.    

In doing this, hackers can increase the calls on someone’s account, change call plans, add more credit to an account or use it for identity theft. Any calls or services the hacker partakes in will be billed to the account holder or system owner.   

Hackers also use this method for impersonation. Financial records can be accessed, and further sensitive information can be stolen.


DOS Attacks 

Standing for ‘Denial of Service’, DOS attacks are when hackers overwhelm a system with requests. The system is then forced to shut down, or slow, as it can’t cope. Hackers do this with SIP call-signalling messages.   

If the system stops, or is slowed down, business will be disrupted. This can affect the productivity of the company and potentially inhibit jobs.   

The attack will then allow the attackers access to control the service remotely. This is another one of the many ways hackers can steal your information, and potentially rack up a bill on your account.   


Malware 

Malware, viruses and worms are all ways hackers can expose your systems. Hardware and software in your VoIP network are vulnerable to these attacks.   

The different types of malware and viruses will all act to damage your system in one way or another. For example, it may trace keystrokes (that allows remote access), destroy your information or send swarms of spam. All can ultimately be disastrous.   
  
 
Protecting Against It 

Now you understand the most common ways your information can be stolen; you need to understand how to prevent it.   

Below are some of the most important actions you need to take.  


Strong Passwords   

Firstly, the most obvious solution for these problems is strong passwords. You need to make sure that your account is protected by something complex.   

By this I mean add some capital letters, numbers, and/or special characters. You should NEVER leave the password on default. In addition to that, never use the same password twice no matter how strong you think it is.    


Anti-Virus Software  

Anti-virus software prevents, detects and removes malware from your systems, before damage can be caused. Without this, viruses get in extremely easily and can cause major technical issues.  

Even though this seems unbelievable, not everyone in the soft phone business opts in for anti-virus software. This is a MUST. Make sure you always have firewalls and malware protection, on all devices.   

You never know when this just might save your important data. 


Encryption

The purpose of VoIP communication is that it’s sent over a network. When information is sent over the internet, it is unencrypted. This means anything that’s being transmitted is easily accessible to hackers.    

Although sounding complicated, it’s usually quite easy to configure or turn on encryption between points on your network. Despite this, it isn’t always the same. It depends on how your VoIP network is set up, your specific firewall settings, different routers etc.   

Encryption is extremely important to everyone, but crucial to any organisation that deals with sensitive information (such as financial accounts). Make SURE this is on your list.   


VPN   

VPN stands for Virtual Private Network. For a business, this means they can browse the internet, while securely encrypted. This will protect all sensitive or private data.    

A VPN is very important to use on public WIFI, as it’s never actually secure. A hacker can see everything you’re browsing and steal data you release unbeknown.    

With a VPN, your online destination sees your data coming from the VPN server and its location, not from your computer and location.  


Use these tips to provide safety for your business and your customers’ information. Hackers are evolving every day, so you need to make sure you’re prepared for the worst.   

Whether you already have VoIP or you’re thinking of switching to it, do it the right way.  



 
 

About the author

VoIP Experts

VoIP Experts offer a flexible and affordable approach to business communications.