How secure are VoIP phone systems?

tswayne

I read an article in Forbes this morning about a guy who demonstrated an attack on Cisco VoIP phones, and he was able to access the mic data, and even have Google Speech to Text transcribe the data in near real time. Is this something to really be concerned about? How secure are VoIP telephone systems?

Answer this Question

Answers

7 total
dvarian
Vote Up (37)

Nothing is perfectly secure.  I remember as a kid that once in a while when I picked up the phone (the old school, wired with rotary dial) I would overhear a neighbor's conversation.  Just a few years ago, I was sitting on my porch talking on my cell phone and a neighbor came over and told me she could hear every word we said over her baby monitor.  

 

One point to remember from that Forbes article is that the "hacker" physically installed an external circuit board on one of the VoIP telephones at the "target's" office.  It's pretty hard to make any system so secure that someone with physical access to it can't figure out a way to exploit it somehow.  He could just have installed a traditional "bug" in an office phone.  So, yeah, he found a hole and exploited it, but....  Cisco has already patched it by the way.  I wouldn't lose a lot of sleep over this. 

jimlynch
Vote Up (31)

Here's an article that covers VoIP security issues.

Security Issues
http://voip.about.com/od/security/Security_Issues.htm

"How secure is VoIP? Learn about the security issues related to VoIP, threats and dangers, prevention measures and precautions. Find more on VoIP security protocols and their use in VoIP networks."

Christopher Nerney
Vote Up (31)

Given what you read in the Forbes article, maybe this link offering tips from Cisco on VoIP phone security isn't the way to go here.

 

How secure VoIP systems are probably is slightly subjective, though there are enough questions that this white paper was able to compile a list of top 10 security issues for VoIP. Perhaps the most important point in the white paper is that "VoIP security is only as reliable as the underlying network security."

 

 

 

 

acliffe
Vote Up (30)

With anything that we are smart enough to build, there will always be people even smarter to compromise them! Like any computer system or software VoIP can bring some security issues but so can a traditional telephone system. (http://www.wired.com/threatlevel/2008/12/hacked-phone-sy/) This story demonstrates a hack resulting in a loss of $50,000. There are steps you can take to secure any phone system, and different brands other than cisco will have their own security measures. You should make sure you discuss these concerns with your provider. My company sells all phone systems - legacy, hosted and VoIP so you can see that i'm impartial to all! Read this blog on cloud security (concerning Hosted VoIP). http://www.elitetele.com/news/read/cloud-telephony-and-security

zeevp
Vote Up (27)

Depite what most UC vendors and service providers want you to believe, VoIP systems are grossly insecure. Not only by themselves, but they also open new attack vectors at your data systems. See www.UCSecurity.org.

lilalash
Vote Up (18)

VoIP Phone System are telephones utilized with Voice over Internet Protocol innovation. Voip is the innovation used to transmit sound as information or Packets over the Internet to either a Pc client or to a landline phone. Voip is expanding in ubiquity, as it is quite esteemed for its incredible quality, ease, and staggering characteristics. Voip is picking up admiration, as a reasonable solution for business needs. Voip will permit long distance calls for either free or for simply pennies contrasted with universal telephone administrations. it is very secure.

 

Steve Youngblood
Vote Up (6)

There are VOIP system you install in your facility and there are those you use as a service.  Those that are delivered as a service (software as a service or SaaS) represent far less risk as cloud PBX providers are better able to understand the risks and protect against them (in their software and in the management of the hardware and software.)

 

Here are a post we put up lately listing some of the things we do to protect VOIP customers:  http://www.avoxi.com/8-security-measures-you-need-for-voip/.  

 

No security is perfect.  But, the major VOIP providers employ teams to do nothing but ensure great phone service combined with reliability and security.

Ask a question

Join Now or Sign In to ask a question.
A growing number of mobile Internet outages were caused by bugs as networks become more software dependent.
The U.S. Federal Communications Commission's deadline for the public to comment on the agency's proposed net neutrality rules passed Monday with more than 3 million comments filed, by far a record number for an FCC proceeding.
Internet conglomerate Mail.Ru has at last acquired total control of Russian social network VKontakte after a lingering shareholder dispute involving allegations of embezzlement and the involvement of the Russian secret service.
Uber appears determined not to stand down in the face of a regulatory challenge to its new shared ride service.
A collaboration platform that was initially developed to help professional sports teams share video on tablets is now trying to score with businesses.
What should happen to your personal digital communications -- emails, chats, photos and the like -- after you die? Should they be treated like physical letters for the purposes of a will?
Google is planning to test Internet delivery by drone high above New Mexico, according to a government filing.
Video on-demand service Netflix is expanding in Europe and will soon appear on the set-top boxes of French telecom operator Bouygues Telecom, the operator said on Monday.
New car-pool services sold by ride-sharing companies including Uber and Lyft are illegal in California, according to state regulators.
The line between TV and mobile services is blurring, and in many cases that blur in between them is a cloud.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+