Voice over IP (VoIP) is growing rapidly in use for businesses both small and large. Its affordability, flexibility, and wide range of features make it a great choice for many businesses, but it also brings unique security vulnerabilities that need to be defended against. One of the most unexpected of these are distributed denial of service (DDoS) attacks. While many people are familiar with DDoS attacks against server infrastructure, their usage against VoIP systems is less well known.
What Is a Distributed Denial of Service Attack?
The basic concept of a distributed denial of service attack is fairly simple: a group of devices which have been compromised by an attacker are used to flood a target system with data in such a way that the system is overwhelmed and brought down. DDoS attacks can take a variety of forms depending on the system being targeted and may simply utilize a huge number of incoming connections or junk data packets.
For VoIP systems, these attacks may actually come in the relatively low tech form of a huge number of incoming, regular telephone calls. This can have the effect of overwhelming the VoIP infrastructure and ultimately causing the entire system to fail. More sophisticated attacks often attempt to flood the system with invite requests over the session initialization protocol (SIP), ultimately preventing the system from initiating valid calls.
How Vulnerable Is Your System?
If you have taken steps to secure your network from normal DDoS attacks, then you are likely partially protected from attacks which simply attempt to overwhelm your network as a whole in order to bring down your VoIP system. If you have set up Quality of Service (QoS) to prioritize VoIP traffic, then that also helps to inoculate your telephony systems against attacks that simply flood your whole network with traffic. Although this does nothing to prevent the attacks themselves, it at least guarantees that your higher priority telephony traffic is unaffected.
On the other hand, attacks which attempt to overwhelm the system with SIP invites require specialized software to defend against. These systems generally work by implementing encryption and authentication of incoming VoIP traffic. Authentication is particularly important for defending against malicious attacks attempting to flood your system with invites over the initialization protocol. Since attackers are capable of generating a huge number of fake numbers, it is vital that your VoIP infrastructure be able to determine if it is receiving invites from valid sources.
What Should You Do?
VoIP systems are not inherently insecure, but it is important to audit your infrastructure for vulnerabilities and address them as they are discovered. Your IT department should be capable of providing a detailed evaluation of potential attack vectors so that the necessary tools and techniques to keep your VoIP infrastructure can be identified. While basic network security techniques can help to protect against some threats, to fully secure your system you will potentially need both hardware and software specifically designed for VoIP security.
For more information, contact local VoIP infrastructure security software professionals.