TMCnet News
Making Sense of VoIP Security ThreatsBy Bogdan Materna, CTO and VP Engineering VoIPshield SystemsIntroductionSecurity has consistently been cited as the number one concern for organizations deploying VoIP. A recent study indicated that almost half of IT directors believe that VoIP networks are inherently insecure.
With the implementation of VoIP networks rapidly accelerating, there is greater uncertainty about the different types of VoIP security threats, the level of threat they pose, and how the VoIP network can be secured to prevent threats from becoming attacks. Amid all the hype around VoIP security, organizations need to cut through the noise and gain an understanding of the VoIP security threat categories, as well as the potential outcomes of each type of attack. The perception and impact of security threats will strongly depend on business models and type of organization implementing VoIP infrastructure and services.
VoIP Security Threats Categories
The VoIP security threats can be categorized in a number of ways. At the current time, VoIP security threats falls into three main categories: attacks that aim at compromising VoIP service availability, malicious activities which goal is to compromise integrity of the services, and eavesdropping.
Service Availability
The real-time nature of voice communications presents a number of unique challenges when it comes to attacks related to service availability. VoIP has very high sensitivity to QoS parameters which serves to amplify the threat of the known attacks such as Denial of Service (DoS) attacks, viruses and worms. A virus attack on a data network that would merely slow down the network can quickly cripple a VoIP network as QoS is quickly compromised.
DoS, virus and worm-based threats use VoIP specific protocols and VoIP application vulnerabilities to overload the network and impact VoIP QoS making the service unavailable. They may also target critical VoIP applications such as end-user phones and soft-clients, call managers, authentication servers and billing applications.
Others service availability threats include zero-day VoIP worms/viruses impacting VoIP servers, clients and QoS, buffer overflow related attacks on critical VoIP applications such as SIP servers. A common scenario is the flooding of VoIP components with signaling protocol packets causing exhaustion of resources and denial of service attacks. Other possible scenario includes a DoS attack that exploits loop and spiral implementation on a call manager to have two or more phones continually forwarding a single request message, back and forth, to each other until resources on the call manager are exhausted. This can affect a large number of phones leaving them unable to initiate or receive calls.
Service availability attacks such as DoS and virus attacks are viewed as the most significant VoIP security threats due to the possibility of lost revenues, system downtime, lost productivity and unplanned maintenance costs. Furthermore, such attacks are a major concern for enterprises and service providers providing public services such E-911, as even the smallest disruption could have significant or even catastrophic consequences.
Service Integrity
Threats to VoIP service integrity are those based on malicious activities which focus on compromising the network through toll fraud, identity theft and fraud attacks. Understandably, threats which compromise service integrity are of concern to service providers who may face consequences such as lost revenues and inaccurate billing as a result.
A common scenario which compromises service integrity is a hacker using a VoIP phone which is connected to the network and access is gained using a stolen or guessed user account and password to place phone calls at the victim's expense. Furthermore, VoIP conversations could be hijacked and the caller would be misled into communicating with the attacker, masquerading as a party to this call.
In addition to the possible attacks outlined above, VoIP services are offered with many features such call ID, call forward, voice mail, three-way calling, etc. which could potentially be used for toll fraud, identity theft and spam. For example, an individual could intentionally present a false identity in the form of false caller ID, voice mail or phone number. This type of misrepresentation is a common element of such attacks as phishing and SPIT.
Another concern when it comes to service integrity is that for the foreseeable future PSTN and VoIP networks will coexist and require media gateways that provide internetworking between carrier’s IP network and TDM based PSTN networks. As a result, this interaction may introduce new vectors of attack and provide opportunities for attacks on PSTN through the VoIP network.
Eavesdropping
Eavesdropping on signaling and media paths allows the attacker to use Session Initiation Protocol (SIP) messages and Real Time Protocol (RTP) packets to obtain sensitive business or personal information. It also allows creating various man-in-the-middle attacks altering the content of the conversation. Privacy and confidentiality threats such as call eavesdropping, insertion and disruption, masquerading, registration hijacking, impersonation and replay are a major concern to the governments and financial institutions.
An example of the eavesdropping threat could be conversation reconstruction that involves collection of VoIP information included into packets and then translation into plain speech. In this scenario important and confidential calls, as those related to national security or financial information, could be intercepted and provide third parties with confidential information.
Possible attacks related to eavesdropping include conversation alternation, impersonation & hijacking. Conversation impersonation and hijacking includes various modifications of any voice, video, text and/or imaging data. As in the conversation reconstruction scenario the first step is VoIP information collection and translation. However, in this case the contents of the conversation could be altered and provide the entities using VoIP services with false and misleading information.
VoIPSA’s VoIP Security Threat Taxonomy
VoIP Security Alliance (VOIPSA) provides another categorization of VoIP security threats including social threats, eavesdropping, interception and modification, service abuse and intentional interruption of service. VoIPSA’s VoIP Security Threat Taxonomy, when finalized, will provide a solid basis for a VoIP threat taxonomy that will enable all the interested parties use the same language to describe security risk and their implications.
In this article are only few representative examples of possible threats to VoIP security. Readers are encouraged to review a draft document titled “VoIP Security and Privacy Threat Taxonomy” that is available at http://www.voipsa.org/Activities/taxonomy.php to get more in-depth view of the potential VoIP security threats.
Summary
VoIP infrastructure and services create a complex system that offers a potential intruders a multitude of opportunities for attack. While there are few documented VoIP security attacks to date, as VoIP networks become a mass market reality, the number of attacks will quickly increase.
It is critical that organizations familiarize themselves and fully understand the main categories of threats prior to deploying VoIP. In planning VoIP networks, both enterprises and service providers should avoid merely securing individual devices or protocols and take a proactive and holistic approach where all aspects of the network are secured. Once the network is deployed, enterprises and service providers need to be proactive in finding and fixing these vulnerabilities before they become real issues for end users and customers. One of the most efficient ways of increasing security of the VoIP networks is to execute security vulnerability assessments more often and implement patches and fixes immediately after the problems are discovered.
About the AuthorBogdan Materna is the CTO and VP of Engineering at VoIPshield Systems (www.voipshield.com). He can be reached at [email protected] or (613) 224-4443.
|