How secure are VoIP phone systems?
I read an article in Forbes this morning about a guy who demonstrated an attack on Cisco VoIP phones, and he was able to access the mic data, and even have Google Speech to Text transcribe the data in near real time. Is this something to really be concerned about? How secure are VoIP telephone systems?
Answers
With anything that we are smart enough to build, there will always be people even smarter to compromise them! Like any computer system or software VoIP can bring some security issues but so can a traditional telephone system. (http://www.wired.com/threatlevel/2008/12/hacked-phone-sy/) This story demonstrates a hack resulting in a loss of $50,000. There are steps you can take to secure any phone system, and different brands other than cisco will have their own security measures. You should make sure you discuss these concerns with your provider. My company sells all phone systems - legacy, hosted and VoIP so you can see that i'm impartial to all! Read this blog on cloud security (concerning Hosted VoIP). http://www.elitetele.com/news/read/cloud-telephony-and-security
- Share this answer
- Permalink
Here's an article that covers VoIP security issues.
Security Issues
http://voip.about.com/od/security/Security_Issues.htm
"How secure is VoIP? Learn about the security issues related to VoIP, threats and dangers, prevention measures and precautions. Find more on VoIP security protocols and their use in VoIP networks."
- Share this answer
- Permalink
Nothing is perfectly secure. I remember as a kid that once in a while when I picked up the phone (the old school, wired with rotary dial) I would overhear a neighbor's conversation. Just a few years ago, I was sitting on my porch talking on my cell phone and a neighbor came over and told me she could hear every word we said over her baby monitor.
One point to remember from that Forbes article is that the "hacker" physically installed an external circuit board on one of the VoIP telephones at the "target's" office. It's pretty hard to make any system so secure that someone with physical access to it can't figure out a way to exploit it somehow. He could just have installed a traditional "bug" in an office phone. So, yeah, he found a hole and exploited it, but.... Cisco has already patched it by the way. I wouldn't lose a lot of sleep over this.
- Share this answer
- Permalink
Given what you read in the Forbes article, maybe this link offering tips from Cisco on VoIP phone security isn't the way to go here.
How secure VoIP systems are probably is slightly subjective, though there are enough questions that this white paper was able to compile a list of top 10 security issues for VoIP. Perhaps the most important point in the white paper is that "VoIP security is only as reliable as the underlying network security."
- Share this answer
- Permalink








Depite what most UC vendors and service providers want you to believe, VoIP systems are grossly insecure. Not only by themselves, but they also open new attack vectors at your data systems. See www.UCSecurity.org.