How secure are VoIP phone systems?

tswayne

I read an article in Forbes this morning about a guy who demonstrated an attack on Cisco VoIP phones, and he was able to access the mic data, and even have Google Speech to Text transcribe the data in near real time. Is this something to really be concerned about? How secure are VoIP telephone systems?

Answer this Question

Answers

7 total
dvarian
Vote Up (37)

Nothing is perfectly secure.  I remember as a kid that once in a while when I picked up the phone (the old school, wired with rotary dial) I would overhear a neighbor's conversation.  Just a few years ago, I was sitting on my porch talking on my cell phone and a neighbor came over and told me she could hear every word we said over her baby monitor.  

 

One point to remember from that Forbes article is that the "hacker" physically installed an external circuit board on one of the VoIP telephones at the "target's" office.  It's pretty hard to make any system so secure that someone with physical access to it can't figure out a way to exploit it somehow.  He could just have installed a traditional "bug" in an office phone.  So, yeah, he found a hole and exploited it, but....  Cisco has already patched it by the way.  I wouldn't lose a lot of sleep over this. 

Christopher Nerney
Vote Up (32)

Given what you read in the Forbes article, maybe this link offering tips from Cisco on VoIP phone security isn't the way to go here.

 

How secure VoIP systems are probably is slightly subjective, though there are enough questions that this white paper was able to compile a list of top 10 security issues for VoIP. Perhaps the most important point in the white paper is that "VoIP security is only as reliable as the underlying network security."

 

 

 

 

jimlynch
Vote Up (31)

Here's an article that covers VoIP security issues.

Security Issues
http://voip.about.com/od/security/Security_Issues.htm

"How secure is VoIP? Learn about the security issues related to VoIP, threats and dangers, prevention measures and precautions. Find more on VoIP security protocols and their use in VoIP networks."

acliffe
Vote Up (30)

With anything that we are smart enough to build, there will always be people even smarter to compromise them! Like any computer system or software VoIP can bring some security issues but so can a traditional telephone system. (http://www.wired.com/threatlevel/2008/12/hacked-phone-sy/) This story demonstrates a hack resulting in a loss of $50,000. There are steps you can take to secure any phone system, and different brands other than cisco will have their own security measures. You should make sure you discuss these concerns with your provider. My company sells all phone systems - legacy, hosted and VoIP so you can see that i'm impartial to all! Read this blog on cloud security (concerning Hosted VoIP). http://www.elitetele.com/news/read/cloud-telephony-and-security

zeevp
Vote Up (28)

Depite what most UC vendors and service providers want you to believe, VoIP systems are grossly insecure. Not only by themselves, but they also open new attack vectors at your data systems. See www.UCSecurity.org.

lilalash
Vote Up (18)

VoIP Phone System are telephones utilized with Voice over Internet Protocol innovation. Voip is the innovation used to transmit sound as information or Packets over the Internet to either a Pc client or to a landline phone. Voip is expanding in ubiquity, as it is quite esteemed for its incredible quality, ease, and staggering characteristics. Voip is picking up admiration, as a reasonable solution for business needs. Voip will permit long distance calls for either free or for simply pennies contrasted with universal telephone administrations. it is very secure.

 

Steve Youngblood
Vote Up (6)

There are VOIP system you install in your facility and there are those you use as a service.  Those that are delivered as a service (software as a service or SaaS) represent far less risk as cloud PBX providers are better able to understand the risks and protect against them (in their software and in the management of the hardware and software.)

 

Here are a post we put up lately listing some of the things we do to protect VOIP customers:  http://www.avoxi.com/8-security-measures-you-need-for-voip/.  

 

No security is perfect.  But, the major VOIP providers employ teams to do nothing but ensure great phone service combined with reliability and security.

Ask a question

Join Now or Sign In to ask a question.
TwitPic, the image-hosting company that two weeks ago said it would shut down after a trademark dispute with Twitter, has apparently been acquired, keeping its service alive.
The appointment of John Weir as the new head of Smart Mobile in Sierra Leone highlights the new competitive dynamics in the West African country and the shadow that has fallen over the expansion plans of Libya's telecom holding company, Lap Green Network.
Facebook users will soon start to see more posts higher in their feeds tied to popular events or topics of conversation, with less relevant posts getting pushed farther down.
Safaricom, East Africa's largest telecom operator, has been cleared by shareholders to acquire Indian-owned YuMobile, paving way for the company to consolidate its dominance of the Kenyan telecom market.
Here's how to map out a game plan for scheduling your social media activity.
Full-featured, integrated chips and tough competition have forced telecom vendor Ericsson to halt all future development of its LTE modems.
Mobile gaming giant DeNA is hoping a streaming platform that serves up plenty of female idol singers beloved by "otaku," or obsessive geeks, can be a hit with users outside Japan.
In a move that could prove unpopular with IT administrators, Google has granted rights to end users of its Apps workplace email and collaboration suite to install third-party software from the company's Google Apps Marketplace.
AT&T says enterprises are about to reap the benefits of the software-defined transformation of its network with faster service setup through an online portal.
The U.S. Federal Communications Commission should abandon its efforts to pass net neutrality rules because new regulations would hurt investment and the deployment of broadband, a parade of Republican senators and advocates said Wednesday.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness