VoIP Hacking—What’s in it for the Attacker?

April 17th, 2015

With so many high profile data breaches making the headlines, it’s easy to forget that IP Communications systems are routinely targeted for attack. While it may be clear what the criminals were looking for when they stole credit card data or government employee data, it may not be as obvious as to why hackers are trying to break into your private communications systems. The first step to ensuring VoIP service security is knowing your enemy. So the question remains—what’s in it for different kinds of VoIP hackers?

VoIP Hacker #1—Just for Fun

For some hackers, it’s all about the fun of causing mischief. VoIP spoofing and swatting are the two main methods for these attackers.

VoIP spoofing is when hackers modify caller identification data to masquerade as someone else. Hackers basically play pranks on unsuspecting victims by placing emergency calls that appear to come from their address. Responders must assume these calls are as legitimate as they seem because it is difficult to detect VoIP spoofing in real time.

VoIP swatting is a similar phenomenon with far more dangerous implications. In the early 2000s, hackers would compromise VoIP systems to place fake emergency calls causing SWAT teams to arrive at an address with guns drawn. While hackers laugh, people are put in serious danger.

VoIP service providers must be aware of these potential issues. Even though hackers are having fun, the potential damage of these attacks can really hold a growing SMB back.

VoIP Hacker Profile #2—Hackers Have Fun with Extortion, Too

VoIP spoofing and VoIP swatting are frustrating problems to deal with, but there are more dangerous cyber criminals waiting to strike. DDoS attacks were launched in record numbers in 2015 and VoIP systems are just as vulnerable as any other Internet-connected service. For VoIP hackers, DDoS attacks can yield big returns.

By cracking a weak password in the VoIP network, hackers can gain access to the entire system and launch a DDoS attack to block it entirely. Many companies rely heavily on their phone systems, so a DDoS attack could be crippling. Hackers can take advantage of the need for VoIP service and extort ransom money from business owners.

VoIP hacking may not be in the news as much as other attack vectors, but there’s plenty of money for cyber criminals to make with VoIP DDoS attacks.

VoIP Hacker Profile #3—Premium Rate Fraud Takes Advantage of Long-Distance Calls

When attackers gain access to the VoIP system, they don’t have to launch a DDoS attack to make money. Instead, they can use an auto-dialing tool to have multiple phones access a premium rate link. The company is then charged for the phone calls and the person who made the malicious link receives fees. Hackers make their money by collecting a percentage of these fees.

These attacks can be hard to trace because hackers will load the siphoned money onto untraceable debit cards, allowing them to withdraw cash at ATMs.

VoIP Hacker Profile #4—It’s Not Always About the Money

Extortion and premium rate fraud give hackers a direct reward. However, not all VoIP attacks are about the monetary value. Eavesdropping is another issue that both service providers and enterprises alike need to prevent.

By compromising a VoIP phone or its software, hackers can get to a point in the network where they only need a network sniffing tool (widely available for free online) to capture voice traffic. Phone calls remain unaffected, but the attacker can hear everything that is discussed.

Eavesdroppers don’t siphon money from your customers, but you can imagine why companies wouldn’t want hackers listening to their boardroom conference calls. Intellectual property and competitive advantage is at stake and VoIP service providers must be ready.

You Know the Enemy—Now Defend Your Services

These are four of the most common VoIP hacks you’ll encounter in the real world. Service providers need to ensure that a breach of their environment won’t compromise their customers. On the other hand, enterprises themselves need to take measures to keep it from happening on their end as well. While firewalls are a good choice for baseline infrastructure defense, enterprise session border controllers offers additional protection for voice systems without introducing quality issues into the mix.

Related Blog Posts