Story image

Who's listening? VoIP systems vulnerable to hacking

18 Dec 2015

Businesses need to ensure they have the appropriate security measures in place to avoid being targeted by cyber criminals hacking into their systems.

That’s the word from MyBusinessVoice, who says VoIP systems are no exception, and businesses to seriously thinking the security they have in place.

“While VoIP is a more efficient way to communicate and more cost effective, it is after all using the same network as your email and other internet devices,” MyBusinessVoice says. “No doubt you have experienced spam and cyber-attacks in these areas.”

The company says recognising the threats directed at VoIP installations means businesses can then look at ways of reducing the risk or, even better, eliminating them.

“A very common threat is eavesdropping; not someone in the next cubicle at work, but someone who could be on the other side of the world,” MyBusinessVoice explains.

“When using VoIP the voice is converted to data and transmitted, with eavesdropping, the packets of data are intercepted, converted to a WAV file i.e. back to sound, and then listened to,” it explains.  

In other words, all conversations could be vulnerable.

Hackers have been around a long time, always looking for new avenues to gain access to systems and VoIP is not immune to them, the company says.

“If your system is hacked the perpetrators could be helping themselves to free phone calls, at your expense or they can intercept your phone calls and redirect them for some other purpose,” it continues.

“If redirected you have no control over what is happening and this could be detrimental to your business. It is also possible the increased traffic would slow your whole system down.” MyBusinessVoice warns if a business has other systems, such as billing and customer information integrated with VoIP, this could then be at the mercy of hackers. “Just as you have various security measure in place for your property - sensor lights, alarm system, guard dog, security firm, you need to have layers of security in place for VoIP and all other internet based systems,” it explains. “First and most known form of defence is a firewall, hopefully that is already in place but it should be assessed as VoIP-ready and be strategically placed to thwart internet telephony attacks. “Along with the VoIP ready firewall ensure you have up-to-date anti-virus, anti-malware software and set it up for automatic, regular updates,” the company says. MyBusinessVoice says encryption is an absolute must. “Usually VoIP software has this built-in but you need to make sure and if it doesn’t, either change software or add software to provide encryption,” the company explains. MyBusinessVoice suggests business purchase VoIP phones, which are designed to avoid threats and have better voice quality.

“To make all of this easier, choose a reliable provider with a good track record and have VoIP hosted,” it says. “My Business Voice takes the time to assess your requirements, understand your business and provide you with the best solution.”  

Flashpoint announces new features on intelligence platform
The platform now features new dashboards and analytics, expanded datasets, chat services and communities, and industry alerting.
Hitachi Vantara to offer data protection as-a-service
Hitachi Vantara has introduced data protection and data storage offerings that embrace the as-a-service model and come as pre-engineered, fully managed services.
TIBCO aids in effort to boost Vietnam's data talent pool
Training will include ways to understand data analytics, and skills to support the country’s push towards digital transformation.
Tech leaders already seeing the impact of automation
“It is our strongly held belief that the prosperity of New Zealand is inextricably linked to how well our organisations embrace a digital future."
Snowflake & Anodot to offer AI-based anomaly detection
Customers will have access to Snowflake’s built-for-the-cloud data warehouse and can receive instant alerts and insights from Anodot for potential issues before they cost customers significant ROI.
ABS and Google Cloud partner to demonstrate the feasibility of AI-enabled corrosion detection
The project successfully demonstrated the accuracy of AI in detecting and assessing structural anomalies commonly found during visual inspection.
Aerohive launches guide to cloud-managed network access control
NAC for Dummies teaches the key aspects of network access control within enterprise IT networks and how you can secure all devices on the network.
Sungard AS named DRaaS leader by Forrester
It was noted for its disaster-recovery-as-a-service solution’s ability to “serve client needs at all stages of their need for business continuity.”