Session Initiation Protocol (SIP) trunks are becoming a common way to connect voice and video through the internet, but like all communication technology since Alexander Graham Bell, they’re also under attack. Voice over Internet Protocol (VoIP) solutions are no different than previous versions of the telephone, with plenty of scammers ready to steal minutes or commit fraud.
Without the right security for SIP trunks, you’re risking a security breach that could hobble or even destroy your business. Be aware of the following common attacks involving systems that utilize SIP trunks:
Spoofing: This is the use of fake numbers to trick people into thinking they are receiving a call from a credible source. If you’ve been puzzled to see a call coming into your cell phone that has a number that’s just a digit or two off your own, that’s spoofing. The scammer is hoping you have family members or other contacts with a similar number and you’ll be tempted or confused into picking up. Callers using spoofing also attempt using numbers that look like they could be from a financial or government institution in order to get you to divulge personal information voluntarily.
Signal or Call Interception: If your network is unsecured, you may be allowing sensitive data to pass through your VoIP system unencrypted. The attacker can gain access to the unencrypted data, hijacking the signal in order to listen in on calls and gather sensitive personal or business data.
Distributed Denial of Service (DDoS): A DoS attack floods your network with data so that it is no longer accessible to users. When that attack originates from multiple sources, which can cause greater problems and more quickly, it’s a DDoS attack. Both can significantly interrupt your ability to do business.
Malware: A malware attack is any kind of software designed to pull or steal data, leak your security credentials or open other areas of your systems to allow attacks. It can include viruses, spyware, trojans and adware.
You can protect your SIP trunks and your broader VoIP solution with a few best practices:
- Stronger passwords are an important deterrent attacks. Create a password policy that requires a mix of letters, numbers, special symbols and capital letters, and require employees to change their passwords on a regular basis. To encourage buy-in, invest in training that not only teaches employees how to create effective passwords, but also helps them understand the risk of a breach and the cost of recovering from one.
- Default your system to deny everyone initial access to your VoIP system, then only grant access to users that are vetted for approval.
- Disable access to features and tools that your enterprise is not utilizing. For instance, if you find that employees and business partners rarely use voicemail, opting instead to coordinate decisions and planning through messaging or email, disable the voicemail function.
While none of these practices will make your SIP trunks impenetrable, they go a long way to protect your data assets and your systems. To learn more about best security practices for SIP trunks, contact us at Cory Communications. We can help you identify vulnerabilities in your VoIP solution and address them with the right tools and policies.