VoIP HackingWhat’s in it for the Attacker?

With so many high profile data breaches making the headlines, it’s easy to forget that IP Communications systems are

routinely targeted for attack.

The first step to ensuring VoIP service security is knowing your enemy.

So the question remains - what’s in it for different kinds of VoIP hackers?

Take a look at the 4 most common VoIP hacks you’ll encounter in the real world:

Hackers Have Fun with Extortion, Too

Premium Rate Fraud Takes Advantage of Long-Distance Calls

Just for Fun It’s Not Always About the Money

VoIP Hacker #1 - Just for Fun

For some hackers, it’s all about the fun of causing mischief. VoIP spoofing and swatting are the two main methods for these attackers.

VoIP spoofing is when hackers modify caller identification data to masquerade as someone else.

Hackers basically play pranks on unsuspecting victims by placing emergency calls that appear to

come from their address.

In the early 2000s, hackers would compromise VoIP systems to place fake emergency calls.

While hackers laugh, people are put in serious danger.

VoIP Hacker Profile #2 - Hackers Have Fun with Extortion, Too

There are more dangerous cyber criminals waiting to strike.

VoIP hacking may not be in the news as much as other attack vectors, but there’s plenty of money for cyber criminals to make with VoIP DDoS attacks.

DDoS attacks were launched in record numbers in 2015 and VoIP systems are just as vulnerable

as any other Internet-connected service. For VoIP hackers, DDoS attacks can yield big returns.

By cracking a weak password in the VoIP network, hackers can gain access to the entire system and

launch a DDoS attack to block it entirely.

Hackers can take advantage of the need for VoIP service and extort ransom money from business owners.

VoIP Hacker Profile #3 - Premium Rate Fraud Takes Advantage of Long-Distance Calls

Attackers can use access to the VoIP system together with an auto-dialing tool to have multiple phones access a premium rate link.

The company is charged for the phone calls and the person who made the malicious link receives fees. Hackers make their money by

collecting a percentage of these fees.

These attacks can be hard to trace because hackers will load the siphoned money onto untraceable debit cards.

VoIP Hacker Profile #4 -It’s Not Always About the Money

Not all VoIP attacks are about the monetary value.

Eavesdropping is an issue that both service providers and enterprises alike

need to prevent.

By compromising a VoIP phone or its software, hackers can get to a point in the network where they can capture voice traffic.

Phone calls remain unaffected, but the attacker can hear everything that is discussed.

Do you want hackers listening into your board meetings?

Intellectual property and competitive advantage is at stake and VoIP service

providers must be ready.

You Know the Enemy - Now Defend Your Services

Service providers need to ensure that a breach of their environment won’t compromise their customers.

On the other hand, enterprises themselves need to take measures to keep it from happening on their end as well.

Firewalls are a good choice for baseline infrastructure defense, but enterprise session border controllers offer additional protection for voice systems

What have you done to protect your communications service from these kinds of VoIP hackers?

In order to best secure IP Communication systems against hackers and outside threats, download the free guide, Firewalls vs Session Border Controllers.

If you’d like to see more about VoIP hackers and what motivates them, you can read the full blog post here.

Don’t forget to sign up to the Edgewater Networks blog for great insights on the Network Edge.

Thank You!