ISF Report Warns of New VoIP Security Threats

By | December 12, 2005

A new report from the Information Security Forum revels that along with existing security threats associated with IP networks, Voice-Over-IP will present new and more sophisticated threats. The report also highlights the risk of Denial-of-Service attack and malicious virus outbreak.

“Although VoIP is being increasingly used in the home environment, most businesses are still reliant on the Public Switch Telephone Network,” said Nick Frost, Consultant at the ISF. “We take it for granted but it is extremely resilient, something that VoIP can not currently deliver. But it is inevitable that eventually VoIP will take over as the voice service of choice, bringing with it these additional new security risks.”

The report highlights several serious security risks posed by VoIP technology: caller-ID spoofing, voice modifiers, SPIT (voicemail spam) and packet injection. ISF claims that the failure to address these security issues and the growing popularity of VoIP among businesses will eventually bring voice communication to a grinding halt.

Similar to website spoofing and phishing attacks, called-ID spoofing and voice modification software, computer hackers could relatively easily to pose convincingly as someone else resulting in identity theft.

Other VoIP security issues highlighted in the report range from redirection of calls and packet injections where words are inserted into the data stream mid -conversation, to the interception of sensitive voice traffic in transit and theft of VoIP bandwidth.

Leave a Reply