New Defenses Against the Most Advanced Hacking Threats Part V

Edited by: Bill Bunter
Updated May 5, 2010

Advanced Hacking Attacks author Patrick Park offers tips to combat the latest cyber attacks, including Denial of Service (DoS) attacks.

DoS Attacks

In the final part of our series on cyber threats, Patrick Park, author of Advanced Hacking Attacks, discusses new threats, including DoS attacks and other ways hackers are targeting VoIP.

Bright Hub: Is DoS (Denial of Service) something that could be of concern for a small to medium business?

Patrick Park: Compared with a VoIP service provider, a small to medium business (SMB) has much less chance of facing an external DoS attack because of less visibility from the public Internet. However, generally, the VoIP system of an SMB is more vulnerable because of a lack of security devices (e.g. session border controller), features or resources. An SMB should give more consideration to internal DoS, the so-called "self-attack", in the form of flooding. It happens because of incorrect configuration of devices, architectural service design problems, or unique circumstances.

Here are some examples:

- Regional power outage and restoration: When the power is backed up after a regional outage, all endpoints (for example, 500 IP phones) will boot up and send registration messages to the server almost at the same time, which are unintentional flooded messages.

- Incorrect configuration of device: The most common incorrect configuration is setting endpoint devices (for example, IP phones) to send too many unnecessary messages, such as a registration interval that is too short.

- Misbehaving endpoints: Problematic software (firmware) or hardware could create unexpected flooding, especially when multiple or anonymous types of endpoints are involved in the VoIP service network.

Bright Hub: What are some other threats with using VoIP?

Patrick Park:

* Threats against availability: call flooding, malformed messages (protocol fuzzing), spoofed messages (call teardown, toll fraud), call hijacking (registration or media session hijacking), server impersonating, quality of service (QoS) abuse.

* Threats against confidentiality: eavesdropping media, call pattern tracking, data mining, and reconstruction.

* Threats against integrity: message alteration, media alteration.

* Threats against social context: misrepresentation (of identity, authority, rights, and content), spam (of call, IM, and presence), phishing.

And be sure to refer to Patrick Park’s book, Advanced Hacking Attacks, for the details of each threat.
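
One way to tell the "self-attack" cases from the interview apart in registrar logs, as an added example that is not taken from the interview or from the book. It assumes REGISTER arrivals have already been parsed into (timestamp in seconds, endpoint id) pairs; the function names, thresholds and sample data are constructed for illustration.

```python
from collections import defaultdict
from statistics import median

def short_interval_endpoints(events, min_interval):
    """Endpoints whose median gap between REGISTERs is below min_interval seconds."""
    times = defaultdict(list)
    for ts, endpoint in events:
        times[endpoint].append(ts)
    flagged = {}
    for endpoint, ts_list in times.items():
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        if len(gaps) >= 2 and median(gaps) < min_interval:
            flagged[endpoint] = median(gaps)
    return flagged

def register_bursts(events, window, max_per_window):
    """Fixed windows whose REGISTER count exceeds max_per_window.
    Returns (window_start, count, distinct_endpoints, label) tuples."""
    per_window = defaultdict(list)
    for ts, endpoint in events:
        per_window[int(ts // window) * window].append(endpoint)
    bursts = []
    for start in sorted(per_window):
        senders = per_window[start]
        if len(senders) > max_per_window:
            distinct = len(set(senders))
            # Many distinct senders: fleet-wide registration, e.g. after power restoration.
            # Few senders: a misconfigured or misbehaving device sending too often.
            label = "mass-registration" if distinct > len(senders) / 2 else "few-endpoints"
            bursts.append((start, len(senders), distinct, label))
    return bursts

def sample_events():
    """Constructed sample data, not real logs."""
    events = [(1000 + i * 0.01, f"phone{i:03d}") for i in range(500)]  # 500 phones boot together
    events += [(2000 + i * 2, "phone007") for i in range(60)]          # 2 s registration interval
    events += [(3000 + i * 3600, "phone042") for i in range(3)]        # normal hourly refresh
    events += [(4000 + i * 0.1, "phone099") for i in range(100)]       # misbehaving firmware
    return events

if __name__ == "__main__":
    ev = sample_events()
    print(short_interval_endpoints(ev, min_interval=60))
    print(register_bursts(ev, window=10, max_per_window=50))
```

The per-endpoint check catches the slow misconfiguration that never trips a volume threshold, while the windowed count separates a fleet-wide registration storm from a single noisy device.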


 