VoIP – Cybersecurity risks & Best Practices in 2021

Voice over Internet Protocol (VoIP) has been at the center of every single interaction since its introduction into the world of contact centers. VoIP transmits data from one point to another by using packet switching. In short, the human voice is broken into smaller packets that travel faster via the cloud to the end caller. Once there, the packets are reassembled and played back as voice.

VoIP offers endless benefits to businesses in terms of faster communication, better customer service resolution rates and increased productivity. The big question everyone has in 2021 is about cyber security attacks and their increased impact on the contact center world due to the heavy usage of telephone conversations via VoIP. Cyber-attacks in France have quadrupled over the last year, forcing authorities to strengthen the chain of cyber-defense from end to end. Around 70% of business decision makers are today more than concerned about the high cyber security risk their businesses are facing. Who are the targets of these attacks? How much damage do these attacks do? What measures need to be taken to stay “safe” from these attacks?

Let’s dive into the world of cyber security and see how it can impact your contact center. Businesses today are so focused on quickly adapting to the latest trends that a lot of business owners have overlooked the simple aspect of VoIP security with regard to data breaches, until a point of no return. Major companies like Target, which saw its consumer perception drop by roughly 54% a year after its infamous 2013 data breach, have trouble recovering. So, while some major retailers and well-known brands can recover from a data breach, your business probably won’t be so lucky.

VoIP Security and Encryption 

VoIP phones are more secure than normal landlines because they have analytics and monitoring capabilities that landlines lack; landlines are also more expensive to maintain and implement. An encrypted conversation is broken into voice packets of unreadable data that are transmitted from one point to another, which prevents hackers from deciphering them. Even in case of interception, encryption ensures that hackers won’t be able to decipher the messages within the conversation. For a safe transfer to occur, SRTP (Secure Real-time Transport Protocol) is used. It applies AES (Advanced Encryption Standard) to data packets while providing message authentication and additional security against potential replay. On top of SRTP, VoIP solutions need to be encrypted with Transport Layer Security (TLS) to protect data like phone numbers, caller names and other details. TLS also prevents message tampering and call eavesdropping. Both TLS and AES are necessary if you are seeking end-to-end encryption. Servers, ISPs, hackers, and telecom providers won’t be able to access your communication as long as it’s end-to-end encrypted.
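
Whether a call is really set up with TLS signaling and SRTP media can be read from the SIP INVITE and its SDP body. The Python check below is an added example, not code from the original article; both messages are constructed samples (with LF line endings and a placeholder key) and audit_invite is a hypothetical helper name.

```python
import re

# Constructed sample: a SIP INVITE over UDP whose SDP body offers plain RTP audio.
PLAIN_INVITE = """INVITE sip:bob@example.invalid SIP/2.0
Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed1
Contact: <sip:alice@192.0.2.10:5060>
Content-Type: application/sdp

v=0
o=alice 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 8
"""

# Constructed sample: the same call with TLS signaling and SDES-keyed SRTP media.
SECURE_INVITE = """INVITE sips:bob@example.invalid SIP/2.0
Via: SIP/2.0/TLS 192.0.2.10:5061;branch=z9hG4bKconstructed2
Contact: <sips:alice@192.0.2.10:5061>
Content-Type: application/sdp

v=0
o=alice 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/SAVP 0 8
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED_PLACEHOLDER_KEY
"""

def audit_invite(message):
    """Return a list of findings for one SIP message that carries an SDP body."""
    findings = []
    # Real SIP uses CRLF; normalise so the header/body split works for both.
    head, _, sdp = message.replace("\r\n", "\n").partition("\n\n")
    via = re.search(r"^Via:\s*SIP/2\.0/(\w+)", head, re.M | re.I)
    if via and via.group(1).upper() not in ("TLS", "WSS"):
        findings.append("signaling not over TLS (Via transport %s)" % via.group(1).upper())
    for line in sdp.splitlines():
        m = re.match(r"m=(\w+) \d+ (\S+)", line)
        # RTP/SAVP, RTP/SAVPF and UDP/TLS/RTP/SAVP(F) are the secure RTP profiles.
        if m and "SAVP" not in m.group(2):
            findings.append("%s media offered as %s (no SRTP)" % (m.group(1), m.group(2)))
    if "SAVP" in sdp and not re.search(r"^a=(crypto|fingerprint):", sdp, re.M):
        findings.append("SRTP profile offered without a=crypto or a=fingerprint keying")
    return findings
```
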

Here are a few common VoIP security risks, along with security measures to limit the damage to your business:


1. Packet Sniffing and Black Hole Attacks: Packet sniffing is one of the most common attacks faced by contact centers (small or medium-sized ones). It allows hackers to tap into unencrypted information contained in voice data packets while they are in transit from one point to another.

Packet loss occurs when voice data packets do not reach their destination. Packet sniffers look to steal information via a packet drop attack (also known as a black hole attack). Packets are intentionally inserted into your data streams and they overtake your router, resulting in a slow connection or a loss of connection. Using a VoIP VPN helps make your internet lines more secure. End-to-end encryption is another way of securing your VoIP lines. These may take some time to put in place; however, they ensure protection against suspicious logins, unrecognized devices and more through constant network monitoring.

2. DDoS Attacks: DDoS (Distributed Denial of Service) attacks, on the other hand, occur when servers are intentionally overwhelmed, making businesses unable to use their own VoIP. Botnets (remotely controlled bots created and manipulated by hackers) are the main cause of DDoS. The modus operandi is very simple: flood all channels of communication (websites, servers and networks) with more data and requests than they can handle, causing an overload that renders VoIP inoperable.

Common signs are: 

  • Unexpected and lengthened bandwidth spikes 
  • 503 HTTP Error Responses 
  • Slowed Service 
  • Unusual traffic from similar devices, IP addresses and locations. 

To diminish DDoS attacks, VLANs (Virtual Local Area Networks) specially designed for VoIP traffic are considered the best option, as they make it easier to recognize unwarranted and bizarre data flows. For users across a WAN (Wide Area Network), monitored encryption is the best way to protect your business against DDoS attacks.
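
Two of the signs listed above, bursts of traffic from similar IP addresses and a rise in 503 responses, can be checked mechanically from a request log. The Python detector below is an added example, not part of the original article; the log line format, the thresholds and the function names are assumptions, and the log itself is constructed.

```python
from collections import Counter, defaultdict
import ipaddress

def build_sample_log():
    """Constructed request log lines: '<epoch> <src_ip> <method> <status>'."""
    lines = []
    # Normal traffic: three phones re-registering, all answered with 200.
    for t in range(0, 60, 6):
        lines.append("%d 198.51.100.%d REGISTER 200" % (t, 10 + (t // 6) % 3))
    # Flood: 50 hosts in one /24 sending INVITEs; the server starts returning 503.
    for i in range(120):
        status = 503 if i >= 40 else 200
        lines.append("%d 203.0.113.%d INVITE %d" % (60 + i // 4, i % 50 + 1, status))
    return lines

def detect_flood(lines, window=30, max_per_subnet=50, max_503_ratio=0.2):
    """Flag time windows with a burst from one /24 or a spike in 503 responses."""
    per_window = defaultdict(lambda: {"subnets": Counter(), "total": 0, "503": 0})
    for line in lines:
        ts, src, _method, status = line.split()
        bucket = per_window[int(ts) // window * window]
        # Group sources by /24 so many "similar" addresses count as one origin.
        subnet = ipaddress.ip_network(src + "/24", strict=False)
        bucket["subnets"][str(subnet)] += 1
        bucket["total"] += 1
        bucket["503"] += status == "503"
    alerts = []
    for start in sorted(per_window):
        b = per_window[start]
        for subnet, count in b["subnets"].items():
            if count > max_per_subnet:
                alerts.append((start, "burst", subnet, count))
        ratio = b["503"] / b["total"]
        if ratio > max_503_ratio:
            alerts.append((start, "503-spike", None, round(ratio, 2)))
    return alerts
```
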


3. Vishing: Vishing is the same as phishing. The only difference is that the hackers use voice communication to get the end user to reveal sensitive information like passwords, credit card information, security codes and much more. Hackers use a method called caller ID spoofing, where the caller ID credentials appear to be legitimate. It can be a call from your local bank stating that your account has been compromised and that they need your password to secure your account.

In-depth verification methods need to be put in place in order to verify all caller IDs and phone requests, even if a request looks like it’s coming from an IT department. Another tactic that can be used here is proper agent training. Agents should be told not to disclose any confidential information unless the request has been validated by a supervisor.

Signs of Vishing are: 

  • Short and unusual numbers appearing on call screening caller ID Display. 
  • Startling calls from known or famous companies 
  • Persistent request to provide confidential information for verification purposes. 
  • A false sense of urgency created from the caller. 

How to prevent Vishing: 

  • Do not provide confidential information over the phone to anyone that falls under your suspicion radar. 
  • Join a Do Not Call Registry 
  • Don’t respond to voice prompts via voice answers or touchtone

4. Phreaking Attack: Hackers get into your VoIP network in order to change calling plans, make international calls and even add additional call credits, all through your own system and your bank account. Stored billing information is stolen, your voicemail is accessed, and routing strategies and call forwarding are configured to their liking.

How this works: Hackers call into your phone system and then enter a PIN code to access an outside line, making calls that are charged to you.

Should you notice an increase in phone bills, unknown numbers in call history, or calls made during off hours, then you are for sure a victim of phreaking.

Encrypt your SIP, change passwords regularly, purchase ransomware protection and, most importantly, do not save billing information in your system.

5. Toll Fraud: Hackers make an excessive number of international calls from your business phone and take a portion of the revenue generated from these calls.

IPRN (International Premium Rate Number) providers buy and sell phone numbers from national carriers or regulators. Hackers generate a large number of calls to numbers from these lists and then take the revenue for themselves. Preventing toll fraud is quite simple. All you need to do is enable two-factor authentication, restrict location permissions by allowing users to contact a limited number of countries and, lastly, set limits on call durations.
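
The phreaking signs (unknown numbers, off-hours calls) and the toll fraud controls (allowed countries, call duration limits) can all be checked against call detail records. The Python review below is an added example, not code from the original article; the policy values, the record layout and the function names are assumptions, and the records are constructed.

```python
from datetime import datetime

# Policy values are illustrative assumptions, not taken from any product.
ALLOWED_PREFIXES = ("+33", "+32")      # country codes users may dial
BUSINESS_HOURS = range(8, 19)          # 08:00-18:59 local time
MAX_CALL_SECONDS = 3600                # per-call duration limit

# Constructed call detail records: (start time, extension, dialed number, seconds).
SAMPLE_CDRS = [
    ("2021-03-01T10:15:00", "101", "+33155550101", 240),
    ("2021-03-01T14:40:00", "102", "+3225550102", 4200),
    ("2021-03-02T02:05:00", "101", "+88255500001", 1800),
    ("2021-03-02T02:40:00", "101", "+88255500002", 1750),
    ("2021-03-02T03:10:00", "101", "+88255500003", 1900),
]

def review_cdrs(cdrs):
    """Return {extension: [(dialed, reasons), ...]} for calls that break the policy."""
    flagged = {}
    for start, ext, dialed, seconds in cdrs:
        reasons = []
        if not dialed.startswith(ALLOWED_PREFIXES):
            reasons.append("destination not allowed")
        if datetime.fromisoformat(start).hour not in BUSINESS_HOURS:
            reasons.append("off-hours")
        if seconds > MAX_CALL_SECONDS:
            reasons.append("over duration limit")
        if reasons:
            flagged.setdefault(ext, []).append((dialed, reasons))
    return flagged

def extensions_to_lock(cdrs, threshold=3):
    """Extensions with repeated off-hours calls to destinations outside the allow-list."""
    out = []
    for ext, hits in review_cdrs(cdrs).items():
        both = [h for h in hits if {"destination not allowed", "off-hours"} <= set(h[1])]
        if len(both) >= threshold:
            out.append(ext)
    return sorted(out)
```
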

How to tell if your VoIP Provider is Secure 

Ask them the following questions: 

  • What is the guaranteed uptime, and how do they minimize downtime?
  • How long will it take to respond to a security breach, and how quickly is safe service restored?
  • Are they GDPR, HIPAA, and PCI compliant? Do they have any other security certifications?
  • What is done to protect on-premises servers, and how do they mitigate security risks like DNS attacks, phishing, toll fraud, and more?
  • Should you use third-party applications or services, what documentation exists on their security protocols, and how are those protocols implemented?
  • Does encryption impact call quality, and how is that specific data encrypted?
  • What are the different customer support packages, what are the hours and what are the channels (phone, online live chat, email, etc.)?

A few VoIP best practices for IT leaders

Questions IT leaders should ask themselves before trying to contain or prevent a security breach

  1. What type of information is being managed?
  2. What are the business assets?
  3. What kinds of connections do we have, and how do these people expose us to threats?
  4. What is the current risk, and is it being taken care of?
  5. What is our business’ ability to mitigate risks?
  6. Is our third-party management policy on par?

VoIP best practices to follow

  • Create a strong password policy – Avoid using the same password for more than 2 weeks, do not use the same password for multiple accounts and do not use personal information as a password.
  • Avoid using public Wi-Fi – Public Wi-Fi helps malware spread. Always use a secured connection.
  • Conduct regular security audits – Gateway and firewall reviews, cyber-attack simulations, app-based scanning and patching procedures need to be put in place and monitored.
  • Be consistent in software and system updates – Ensure your business is always up to date with the latest technology and security.

We hope that this article helped you see how hackers take advantage of VoIP networks and why cyber security should be at the top of your to-do list as an IT manager. In contact centers, data is the biggest asset of all, and securing your data is the most important thing to do. At Nixxis, we believe that prevention is better than cure.
