Although the media reports mostly on the cybercrime that occurs to online platforms or databases of sensitive customer data, Voice over IP (VoIP) telephony solutions, by nature, can also be vulnerable to cyberattacks. Opportunistic hackers regularly attempt to gain access to business telephony systems to disrupt their services, or profit from placing calls to premium numbers that they can collect revenue from. With COVID-19 sparking an increase in cybercrime overall, it is vital that organizations stay vigilant against any threats to their networks –including their telephone lines.
There are several forms of attack, but the most common are:
- A malicious attacker intending to bring down your SIP device will try to overwhelm your IP address. The attacker will send a huge number of flawed SIP messages that cannot be processed by the device, thus rendering it unusable and preventing calls from being processed. This is a type of Denial-of-Service (DoS) attack, notoriously also used to take down websites by flooding them with traffic, and can have a negative impact on your brand reputation, as your customer service lines may become unreachable.
- The attacker will search for access to your network so they can place fraudulent calls. They might try to compromise the password on your hosted PBX system or use programmed scripts to continuously search for open VoIP ports to access your network through; telephones, routers, or computers. If an open port is found, the attacker will gather as much information as they can, like phone numbers, lines, and extensions. Once they have this information they can route high volumes of calls through your network, typically to expensive international or premium numbers, which can quickly amount to substantial losses.
Pure IP monitors our own network as well as our customers’ telephony networks continuously to highlight any suspicious activity for investigation. We use a range of applications and tools to scan for anomalies in call patterns that instantly alert our engineers if any thresholds have been breached. If, for example, concurrent calls from the same source IP address were being made to expensive destinations, our team would review the customer’s account. Does this behavior deviate from their usual calling profile? Is it a destination they have called before? We notify customers about every incident, and depending on what we identify, we have the ability to immediately block calls to suspicious destinations.
We have been successful in identifying and stopping many security breaches that originated in customer networks like this through the years, but there is a simple step that organizations can take to help prevent the hackers from gaining access in the first place – changing your default passwords. The most common way that cybercriminals gain unauthorized access to telephony networks is through VoIP handsets or softphones that are still using the default password. We always recommend that our customers set strong passwords on all their devices and accounts using a combination of lower and uppercase letters, numbers, and symbols, and never store them in plain text.
These proactive monitoring measures are included as standard with every Pure IP enterprise voice Managed Service, and have already saved corporations around the world time and money that would otherwise have been spent on security breaches.