Hacking has become high-profile, lately. You can rarely skim top headlines without finding a story about a major hack, whether on a major corporation or government office. From Amazon.com to the New York Times to big banks and hospitals, targets for hackers are finding that it’s increasingly difficult to keep them out. But hacking doesn’t always happen just to giant corporations: it can happen to you, and easier than you think.
IP-related communications are often major targets for hackers, which means that VoIP communications are not just vulnerable, but frequently exploited by hackers. This leaves a lot of people wondering what hackers stand to gain from hacking a VoIP system. The answer, of course, depends on the hacker. Some enjoy hacking just for the thrill of it. But others use their access to VoIP systems to cash in quietly, all under the nose of the VoIP owner.
One of the most common tricks is to use the VoIP line to auto-dial high-fee lines which the hacker makes a commission on calls to. This is called ‘premium rate fraud’, and is distressingly hard to convict, because money is often delivered in untraceable formats like bitcoins. Hackers can also use VoIP to create massive DDoS attacks. And of course, if they target the right line (such as the VoIP at a bank or credit card center) they can simply listen in to get all kinds of valuable financial information.
So, how do you protect yourself?
Whether you’re using a residential VoIP line or are managing a business which has hundreds of virtual numbers, there are some straightforward ways to protect yourself from VoIP hackers. Some of them might seem pretty common sense, but are rarely engaged by VoIP users.
Separate Your Networks
For better performance for VoIP lines, most companies will recommend that users of VoIP bundle the VoIP and data networks together! This can save money and make both a little easier to manage. But this creates additional exposure for easy-to-hack VoIP lines and can increase their likelihood of being hacked. Instead, separating the two different networks and managing them as independent entities can dramatically reduce chance of a VoIP hack. If a full separation isn’t feasible, it can be relatively easy to set up a VLAN to help afford your VoIP a little more security.
Use Double-Authentication Logins
Double-authentication logins prompt users trying to log in to a service for two different forms of ID: for example, not only will they need to know the login handle and password, but also enter in a code texted to their cellphone, or to answer a uniquely identifying question. While many perceive that double-authentication is a hassle that takes time, the immense security benefit it can add to VoIP logins cannot be understated. Wherever possible, opt for a double-authentication login method… not just for your VoIP, but for any sensitive system you use! Social media or banking accounts, for example.
Use a Dedicated Intruder Detection System
An Intruder Detection System (usually shortened to IDS) is a system designed to monitor VoIP networks and alert VoIP users to hacker presence. Some types of hacking are unique to VoIP infrastructure and systems, and can be identified by relatively simple detection rules. Some of the most popular IDS options include IBM’s Tivoli, Scidive, and Prelude.
Utilize Packet Encryption
According to Bruce Schneier, the Chief Technology Officer of Resilient and a fellow at Harvard’s Berkman Center, “Encryption is one of the essential security technologies for computer data, and it will go a long way toward securing VoIP.” Some services, like Skype, have worked to build this level of encryption into their services. But for services which have no encryption options, there are third-party services like Zfone and TORFone.