| VoIP hacking is a new term that strikes fear | | | | to obtain sensitive information from the |
| into the hearts of many residential and | | | | person at the end of the line. Unless VoIP |
| corporate users thinking about upgrading from | | | | systems are made secure, this will otherwise |
| their existing traditional phone network and | | | | likely be an easy to perform "hack". |
| in some cases even dissuades them from doing | | | | |
| so. | | | | Call hijacking is the interception of a call |
| | | | intended for a particular party and relaying |
| Thankfully, although talk of VoIP hacking | | | | it to someone else. Again, this is likely to |
| goes back to 2004 and earlier, there are | | | | be used in conjunction with some form of |
| relatively few reports of it and it certainly | | | | social engineering. |
| does not compare to the levels of malicious | | | | |
| use seen in the days of "blue boxing" and | | | | Sometimes a hacker may simply wish to shut |
| company PBX misuse. | | | | down a telephone network through brute force |
| | | | or denial of service attacks. For some |
| In essence, VoIP becomes susceptible to | | | | companies, such disruption of business can |
| hacking because in transferring analogue | | | | cost millions of dollars. A disgruntled |
| voice data into a digital form that is | | | | employee, for example, may try such an |
| carried over the internet, some security | | | | attack. |
| firms say this is tantamount to gaining all | | | | |
| the risks of computer data systems such as | | | | Wiretapping or phone tapping can be |
| bugs, but also worms and viruses. Hackers | | | | considered to be more simple to perform on a |
| already have their existing tools of the | | | | VoIP network. Because a hacker can access the |
| trade that they have owned for years, and can | | | | system from afar via the internet, he need |
| simply transfer these to the world of VoIP. | | | | not jack directly in to the local phone |
| | | | network. Such compromising or sensitive |
| Types of VoIP Hacking | | | | information can be sold on by the criminal |
| | | | fraternity or even espionage carried out. |
| There are a number of types of such malicious | | | | |
| use, all of which can be potentially very | | | | Worms and trojan horses can also use spoofing |
| damaging: | | | | to disguise themselves within a voice packet. |
| | | | Once behind the corporate firewalls, they can |
| Audio spam is a recently increasing form of | | | | wreak havoc on a company's business critical |
| abuse - we have all become accustomed to | | | | systems. |
| email spam and the same mechanisms that allow | | | | |
| for distribution of spam to millions at a | | | | How To Protect Yourself From VoIP Hacking |
| minimal cost also apply to the convergence of | | | | |
| voice and data. Companies will have to get | | | | Whilst there are a number of risks from such |
| smart and combat such spam using complex | | | | practises above, minimizing the risk can |
| filters. | | | | enable you to obtain all the advantages of |
| | | | lower costs and valuable services. Most large |
| Voice phishing is likely to increase. This is | | | | companies are now considering migration to |
| a form of social engineering where the person | | | | VoIP and have mitigated the risks by using |
| being called is convinced to hand over | | | | advanced encryption and placing control of |
| sensitive and confidential information. The | | | | such systems to only a critical few persons. |
| ability to send out mass recordings over the | | | | |
| internet via VoIP is likely to increase this | | | | Such measures can allow you to enjoy the |
| type of malicious practice. | | | | benefits of VoIP in a secure operating |
| | | | environment with business risk being minimal |
| Caller ID spoofing is where the caller is | | | | and insignificant. |
| able to pretend to be someone else, probably | | | | |