How secure are VoIP phone systems?

tswayne

I read an article in Forbes this morning about a guy who demonstrated an attack on Cisco VoIP phones, and he was able to access the mic data, and even have Google Speech to Text transcribe the data in near real time. Is this something to really be concerned about? How secure are VoIP telephone systems?

Answer this Question

Answers

7 total
dvarian
Vote Up (29)

Nothing is perfectly secure.  I remember as a kid that once in a while when I picked up the phone (the old school, wired with rotary dial) I would overhear a neighbor's conversation.  Just a few years ago, I was sitting on my porch talking on my cell phone and a neighbor came over and told me she could hear every word we said over her baby monitor.  

 

One point to remember from that Forbes article is that the "hacker" physically installed an external circuit board on one of the VoIP telephones at the "target's" office.  It's pretty hard to make any system so secure that someone with physical access to it can't figure out a way to exploit it somehow.  He could just have installed a traditional "bug" in an office phone.  So, yeah, he found a hole and exploited it, but....  Cisco has already patched it by the way.  I wouldn't lose a lot of sleep over this. 

acliffe
Vote Up (26)

With anything that we are smart enough to build, there will always be people even smarter to compromise them! Like any computer system or software VoIP can bring some security issues but so can a traditional telephone system. (http://www.wired.com/threatlevel/2008/12/hacked-phone-sy/) This story demonstrates a hack resulting in a loss of $50,000. There are steps you can take to secure any phone system, and different brands other than cisco will have their own security measures. You should make sure you discuss these concerns with your provider. My company sells all phone systems - legacy, hosted and VoIP so you can see that i'm impartial to all! Read this blog on cloud security (concerning Hosted VoIP). http://www.elitetele.com/news/read/cloud-telephony-and-security

jimlynch
Vote Up (25)

Here's an article that covers VoIP security issues.

Security Issues
http://voip.about.com/od/security/Security_Issues.htm

"How secure is VoIP? Learn about the security issues related to VoIP, threats and dangers, prevention measures and precautions. Find more on VoIP security protocols and their use in VoIP networks."

Christopher Nerney
Vote Up (25)

Given what you read in the Forbes article, maybe this link offering tips from Cisco on VoIP phone security isn't the way to go here.

 

How secure VoIP systems are probably is slightly subjective, though there are enough questions that this white paper was able to compile a list of top 10 security issues for VoIP. Perhaps the most important point in the white paper is that "VoIP security is only as reliable as the underlying network security."

 

 

 

 

zeevp
Vote Up (21)

Depite what most UC vendors and service providers want you to believe, VoIP systems are grossly insecure. Not only by themselves, but they also open new attack vectors at your data systems. See www.UCSecurity.org.

lilalash
Vote Up (12)

VoIP Phone System are telephones utilized with Voice over Internet Protocol innovation. Voip is the innovation used to transmit sound as information or Packets over the Internet to either a Pc client or to a landline phone. Voip is expanding in ubiquity, as it is quite esteemed for its incredible quality, ease, and staggering characteristics. Voip is picking up admiration, as a reasonable solution for business needs. Voip will permit long distance calls for either free or for simply pennies contrasted with universal telephone administrations. it is very secure.

 

Steve Youngblood
Vote Up (1)

There are VOIP system you install in your facility and there are those you use as a service.  Those that are delivered as a service (software as a service or SaaS) represent far less risk as cloud PBX providers are better able to understand the risks and protect against them (in their software and in the management of the hardware and software.)

 

Here are a post we put up lately listing some of the things we do to protect VOIP customers:  http://www.avoxi.com/8-security-measures-you-need-for-voip/.  

 

No security is perfect.  But, the major VOIP providers employ teams to do nothing but ensure great phone service combined with reliability and security.

Ask a question

Join Now or Sign In to ask a question.
Mark Pincus, who founded Zynga in 2007 and gave up his CEO title less than a year ago, is now giving up all his operational duties at the company.
The U.S. Federal Communications Commission will take public comments before moving forward with a new set of net neutrality rules that sparked controversy when they were leaked in a news report earlier Wednesday.
The U.S. Federal Communications Commission will propose new net neutrality rules Thursday that will allow broadband providers to charge companies like Netflix for preferential traffic management, according to a news report.
Facebook reported a nice 72 percent boost in sales for the first quarter, as the company continues to make strides expanding its advertising business on mobile devices.
If something about iOS 7.1 just didn't sit right for you, no worries: Here comes iOS 7.1.1 to give it another shot.
The U.S. Federal Communications Commission voted Wednesday to shift US$9 billion over five years from traditional telephone subsidies to broadband subsidies, in an effort to bring high-speed Internet services to 5 million U.S. residents who don't have access.
Revelations about U.S. secret surveillance programs have left China's Huawei Technologies exhausted on the public relations front, a top company executive said Wednesday.
The U.S. Federal Communications Commission will vote Wednesday on a proposal to pump US$1.8 billion into a fund that subsidizes broadband deployments in rural communities.
Installment plans for cellphones are starting to squeeze out the time-honored practice of paying a subsidized price up front, AT&T says.
Reddit has removed from its front page the popular r/technology subreddit after what it called bad editorial choices by the page's moderators.
randomness