Emerging VoIP Security Fears

As individuals and organizations move away from hardware-based traditional landlines to software-based VoIP communications solutions, security companies are increasingly asking questions of how secure VoIP systems are. Because VoIP routes calls over the internet it can be attacked with distributed denial of service attacks, viruses, eavesdropping, ID spoofing etc.

Security experts fear that as the world rushes to adopt VoIP, security concerns are being overlooked.

“Security concerns are being left behind because of the speed at which VOIP is being adopted. We are getting powerful new systems but hackers are getting powerful new tools,” said Dipak Ghosal, a University of California computer security researcher.

The issue with new VoIP phones is that they are capable of receiving and executing code, including malicious code distributed by hackers. This could lead to phones making unnecessary emergency calls, calls to high rate numbers and even launch a coordinated denial of service attack on a server or network. Security experts are worried that hackers may even be able to create a network of drones (VoIP phones under their control) that can be used at their own will against others.

There are already hackers using applications called VOMIT (voice over misconfigured internet telephones) that can eavesdrop on callers. However, VoIP providers such as Vonage are built using a distributed network of servers and datacenters which are designed to minimize damage from any attack.