Top 5 Security Concerns for VoIP and IP PBX, and The Single Most Effective Measure You Can Take to Protect Your Network
The security concern forecast for this year? Social media attacks grow, the Internet of things (IoT) becomes a real threat, and DDoS attacks become more sophisticated. Concern about cyber threats is nothing new. In an article early this year by PCWorld, 5 security threats to businesses of all sizes were identified:
- IoT: With the Internet of Things, we now see a variety of devices that are connected and gathering all manner of information from users that are directly feeding into cloud-based data repositories. As a result, companies using connected automation devices face a significant risk.
- DDoS Attacks (Distributed Denial of Service): DDoS attacks essentially render a network or networked device unavailable to legitimate users through a variety of measures, including (but not limited to) exploiting limitations of TCP/IP, ICMP floods, and peer-to-peer attacks.
- Social Media Attacks: According to Proofpoint, a next generation global cyber security firm, it’s expected that in 2015, there will be a 400% increase in malicious content posted to social media channels, in the effort to get users to inadvertently distribute malware.
- Mobile Malware: In BYOD environments specifically, the potential for leveraging smart phones and tablets for a major attack looms.
- Third Party Attacks: Contractors and third-party providers can provide huge holes in security systems, as evidenced by Target and Home Depot.
Even though these threats loom large for enterprise level network teams, most businesses aren’t as concerned with these as they should be. With limited teams, resources and technology that might be growing long in the tooth, smaller teams focus more on security they can wrap their arms around.
Network Admins Who Are More Focused on Internal Network Security Face Added Threats
If you’re responsible for your network’s security, and you don’t have the resources to cover everything all the time, you’re probably most concerned with:
- DDoS: Don’t think that you’re too small for an attack. A survey conducted by Kaspersky Lab shows that 21% of businesses cited malware and 22% cited hacking as the number one threats to their business.Attacks alone aren’t the only thing to be concerned with. According to a report by Verisign, the size off attacks are increasing. For a business with a gigabyte or two per second of upstream bandwidth, an attack of 5-10 Gbps could be catastrophic, and in Q2 of last year, attacks of this range increased by 33%.
- Malformed Packet: By sending defective packets, attackers can crash applications or render hardware nearly unresponsive to users.
- Toll Fraud: Easier than ever to conduct on the web, Toll Fraud cost small business victims $4.73 billion globally in 2013. And according the VOIP security expert Mark Collier, newer, typically unsecured systems are targets of toll fraud.
So what is the Single Most effective measure you can take?
Installing a Session Border Controller (SBC) will make your VoIP infrastructure—and Unified Communications Systems—inherently more secure, ideally with the added benefit of making the integration of various SIP-based equipment from a variety of vendors easier. The SBC controls the signaling and media streams of VoIP calls along with video, chat and other types of media generally between two (or more people) on different networks. You can learn more about Session Border Controllers here.
Your SBC can help improve your network/VoIP security efforts in 5 main ways:
- By preventing your system from being an entry point for the attacks and toll fraud as noted above
- Encrypting voice channels to prevent eavesdropping as packets travel public networks.
- By measuring traffic volume from each source, and blocking unusual levels at the kernel level
- By detecting and blocking malformed packets
- By limiting the number of concurrent calls a customer can make, minimizing the impact of toll fraud
An SBC will prevent your system from being an entry point for attackers. Unified Communications systems use SIP (Session Initiation Protocol) to create, manage and terminate IP-based network sessions. As SIP messages work their way through your network, each node adds a “via” field to the packet. When the packet exits the network, there’s a clear log of fields that show the route the packet has taken. This log can show attackers the structure of your network behind the firewall, allowing them to craft attacks or commit fraud.
By ending a call or media on one side of the network (or border), and reinitiating it on the other side, the SBC is able to dynamically manage security and completely control the call. The SBC removes the “via” fields from SIP packets, replacing them with a single “via” field from itself. Since these packets now appear to originate from the SBC, your network topology is completely hidden from attackers.
Voice encryption is typically handled through use of Transport Layer Security (TLS) to protect signaling and Secure Real-Time Transport Protocol (SRTP) for voice media. Advanced Session Border Controllers use hardware-based transcoding system to apply encryption, freeing the server to handle an increased call volume, allowing economical use of the SBC server for high call volumes while still providing voice encryption.
Unauthorized use of the company VoIP services can be controlled by putting appropriate SBC-managed policies in place. By only allowing calls between known SIP endpoints, remote workers can access your VoIP system with SIP phones, but hackers are prevented from gaining access with an unregistered SIP phone or user agent.
SBCs Provide A Critical Layer of Security
VoIP systems offer a number of business benefits including cost reduction, system flexibility and advanced features that can support your business as it grows. But VoIP systems aren’t without risk. DDoS attacks, BYOD, IoT, and Toll Fraud can all pose a daunting risk. SBCs can provide a strong layer of network protection. By keeping your system from becoming a point of entry for attacks, voice encryption, monitoring, detecting and blocking malformed packets, your SBC can provide you with piece of mind and help you manage some of the security concerns that come with deploying next generation VoIP or UC products.
Want to learn more about Sangoma’s unique SBC? Download our white paper today.