his is known as ‘toll fraud’ but it can go much further than just allowing hackers to make unauthorised calls. With sufficient access to your network, they may even be able to set up an extra ‘ghost’ hosted PBX, allowing them to make lots of fake calls that you end up paying for.
So we’ve looked at some denmark telegram of the common motives for attacking VoIP systems. But what can you do to guard against them? Many security professionals now believe that network attacks are a matter of ‘when’ rather than ‘if’. In many cases, the attackers’ lives are made easier thanks to misconfigurations and poorly enforced security policies.
Many of the things you can do to protect your VoIP system are straightforward. Using strong passwords, for example, is essential. Never leave the default password set on any phones or other devices and ensure that employees always use their own access codes and don’t share them with anyone else. Avoid weak passwords such as the name of your business and make sure you enforce a mix of upper and lower case characters and numbers to make passwords harder to crack.
VoIP calls are actually harder to intercept than old-fashioned PSTN calls. However, if you are worried about exposing sensitive information, you can also look at encrypting network traffic so that if call data is intercepted, it remains useless to the attacker. You may well already have the capability to do this built into your router or firewall, so it could just be a case of turning encryption on.
If you have employees accessing your VoIP system from outside – on mobile devices or when working from home – you might want to consider using a VPN. This creates a secure ‘tunnel’ through the public internet so that your information can’t be intercepted and it allows remote workers to access your network as if they were in the same building.
Errors in configuration can often lead to vulnerabilities and these are easily overlooked. It’s therefore important that you test your network to find any weaknesses which you can then address as necessary. If you don’t have the capability to do this yourself, there are specialists that can do it for you.