Security and Voice over IP

Today, WatchGuard announce that it was teaming up with Mitel to provide voice over IP (VoIP) protection for Mitel’s unified communications (UC) solutions.  So, why does this matter?

Expectations are that half of small-to-medium sized businesses and two-thirds of all enterprise organizations are using VoIP.  Because of its ubiquity, VoIP has emerged as a substantive threat vector to businesses large and small worldwide.

The following are the leading threats to VoIP/UC networks:

  • Denial of Service (DoS) – Similar to DoS attacks on data networks, VoIP DoS attacks leverage the same tactic of running multiple packet streams, such as call requests and registrations, to the point where VoIP services fail. These types of attack often target SIP (Session Initiation Protocol) extensions that ultimately exhaust VoIP server resources, which cause busy signals or disconnects.
  • Spam over Internet Telephony (SPIT) – Much like the majority of e-mail spam, SPIT can be generated in a similar way with botnets that target millions of VoIP users from compromised systems. Like junk mail, SPIT messages can slow system performance, clog voicemail boxes and inhibit user productivity.
  • Voice Service Theft – VoIP service theft can happen when an unauthorized user gains access to a VoIP network, usually by way of a valid user name and password, or gains physical access to a VoIP device, and initiates outbound calls. Often, these are international phone calls to take advantage of VoIP’s toll by-pass capabilities.
  • Registration Hijacking – A SIP registration hijack works by a hacker disabling a valid user’s SIP registration, and replacing it with the hacker’s IP address instead. This allows the hacker to then intercept incoming calls and reroute, replay or terminate calls as they wish.
  • Eavesdropping – Like data packets, voice packets are subject to man-in-the-middle attacks where a hacker spoofs the MAC address of two parties, and forces VoIP packets to flow through the hacker’s system. By doing so, the hacker can then reassemble voice packets and literally listen in to real-time conversations. From this type of attack, hackers can also purloin all sorts of sensitive data and information, such as user names, passwords, and VoIP system information.
  • Directory Harvesting – VoIP directory harvesting attacks occur when attackers attempt to find valid VoIP addresses by conducting “brute force” attacks on a network. When a hacker sends thousands of VoIP addresses to a particular VoIP domain, most of the VoIP addresses will “bounce back” as invalid, but from those that are not returned, the hacker can identify valid VoIP addresses. By harvesting the VoIP user directory, the hacker now gains a new list of VoIP subscribers that can be new targets to other VoIP threats, such as SPIT or vishing attacks.
  • Vishing (Voice Phishing) – Vishing mimics traditional forms of phishing – attempts to get users to divulge personal and sensitive information, such as user names, account numbers and passwords. The trick works by spamming or “spitting” users and luring them to call their bank or service provider to verify account information. Once valid user information is given, criminals are free to sell this data to others, or in many cases, directly siphon funds from credit cards or bank accounts.

Why WatchGuard for VoIP and UC protection?

Easy.  WatchGuard was the first UTM vendor to seamlessly integrate SIP and H.323 proxy technologies into its firewalls.  This means IP voice packets can be just as secure as everything else on the network, which explains why Mitel and other VoIP and UC vendors trust WatchGuard to protect their systems.

About Chris McKie

Chris McKie, J.D., is a Director at WatchGuard Technologies, a leading provider of Internet security solutions. His areas of expertise include governance, risk management and compliance.

3 Responses to “Security and Voice over IP”

  1. Reply March 19, 2012 at 12:43 am

    I like this internet site because so much utile stuff on here :D.

  2. This is a joke right? Watchguard does nothing but degredate and destroy SIP packets

  3. I like what you guys aare up too. Such clever work and exposure!

    Keep up the very good works gys I’ve incorporated you guys to my

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 7,532 other followers

%d bloggers like this: