VoIP Security – Main Targets of VoIP Attacks

VoIP SecurityThese days IP phones are easily obtainable and abundant in many corporate fields, they have become striking targets for attackers. Also VoIP administrators should keep an eye against VoIP differences, of fishing and spam as both are very popular in e-mail fields, and also as toll fraud, which is rather frequent in PBX fields. This article is about mentioning all the popular attack targets for a VoIP network and seeing how there are deployed.


The list of common VoIP Attacks

  • Obtaining VoIP resources without ethical qualifications
  • Gathering information and data from unsafe and unreliable VoIP network resources
  • Introducing a special  “denial-of-service (also known as DoS) attack”
  • Tracing and catching telephone conversations

Let’s see some more about every one of them:

Obtaining VoIP resources without ethical qualifications

Attackers can try to spitefully transform most VoIP network devices and settings, along with intercepting the voice streams. Here is an example that attacker may get access or influence users residing in the LDAP directory used by Cisco Unified Communications Manager. This phenomenon could put off a user from logging into a Cisco IP Phone (e.g. when using the feature called “Extension Mobility”, which permits users to log into a phone and have their private and personal profiles applied to that particular phone). An other famous example can be, that an attacker might attempt to achieve administrative right of entry to a system of voice mail e.g. “Cisco Unity” and influence on the parameters like the voice mail greeting that is heard by the callers.

Gathering information and data from unsafe and unreliable VoIP network resources

Because VoIP networks characteristically rely on famous protocols (as described in the previous section), attackers can influence their information on these protocols to obtain information regarding VoIP network resources. An attacker can use a famous vulnerability in a specific “signaling protocol” to interrupt or disturb a VoIP network or to obtain data and information regarding the VoIP “infra-structure” by observing a “signaling protocol”

Introducing a special  “denial-of-service (also known as DoS) attack”

It is a very common attack on a data network referred as denial-of-service attack, in which an attacker takes a lot of resources on a single targeting system, the outcome is obvious, a failure of that particular target system. Differences of the Denial-of-service attacks also subsist in a VoIP surrounding field. A common example, an attacker can try to take a lot of bandwidth on a single VoIP link, ensuing in either on failed calls or poor-quality calls. Similarly, an attacker can take a VoIP server as a target and example is “a Cisco Unified Communications Manager server” that tries to take or obtain the server’s own resources, like e.g. processor or memory resources. And, many attackers could take advantage of famous protocol weaknesses like an example can be a specific “packet structure” that can make a particular system to crash or to damage.

Tracing and catching telephone conversations

This idea of “wire tapping” is rather old to the world that revolves around technology. But in the world of VoIP, eaves-dropping (also called wire tapping) can be achieved by catching |RTP packets (They are actually voice packets) and then translating those “captured packets” into an audio-file that can be listened by the attacker.


Leave a Reply