Don’t Let VoIP Catch You out
Around nine WiFi VoIP handsets and phones have been put to the test by leading security experts, who say that security problems range from potential DoS attacks to more serious problems that allow “deep access” to the device that lets unscrupulous individual read any sensitive information on the phone.
Problems like this inevitable. So who should sort it out? it has been posited that if we see practices like this develop as these devices become more prevalent then the manufacturers will only have themselves to blame when the security backlash comes back to haunt them.
VoIP hacking is the contemporary version of war dialing – a method of automatically scanning telephone numbers using a modem, often ringing every phone number in a local area to find where computers or fax machines are available, then attempting to access them by guessing passwords.
Still there are actions people can take to limit security vulnerablities. Here’s a list of WiFi VOIP security issues, and some useful ways to protect against them:
Many directions of attack:
As the VoIP phones get more advanced, so could the points of entry for would be hackers. Email, client Web browsers, Bluetooth, SMS, WiFi, media players, and image viewers could all give hackers a point of entry. Though users can use open-source as well as commercial tools to frequently test their phones and networks, they’ll ultimately have to rely on vendors to also do effective testing on these VoIP phones.
Targeting phones in public environments:
For example a Bluetooth scanner could be hidden at the entrance to a major public space and be used to steal user data. It may be best to keep Bluetooth and other wireless features swicthed off when not needed.
Rogue access points:
Meanwhile at the office or on the road, users will have to keep their guard up and scan for rogue access points. Unscrupulous individuals will set up access points to target specifically WiFi phones in the corporate space as well as at conferences and other places business people like to come together. Decent device authentication and encryption can help provide protection here.
Targeted attacks:
Select attacks on precise voice-over-wireless networks can also be an issue, albeit one that the victims may try to downplay.