Security in VoIP communication

Snom's understanding of security

Snom is a security-conscious VoIP manufacturer and permanently focused on ensuring the highest level of security for all our offered devices and solutions. This is also reflected in the fact that Snom has been a member of the German Federal Association "TeleTrusT IT Security" since June 2016.

Thanks to the restructuring of our firmware update development procedures, we are able to release at least 4 updates per year. This enables us not only to expand our functionality, but also to proactively address any potential security vulnerabilities in advance.

Our security concept includes:

• After you have assigned a user to a new phone, it automatically switches to "HTTPS Only" mode so that all further communication is SSL secured.
• We generally work with the latest TLS version.
• We support 802.1x authentication.
• We offer an OpenVPN client.
• We support all common secure protocols, such as SIPS, SRTP, and many more.
• We use the Mozilla "Trusted CA" collection and update the list with every firmware update.
• Besides the possibility to use the Snom certified CA and the corresponding key on each phone, you can also easily import your own certificates.
• A special highlight is the possibility to authenticate not only the telephone on the server, but also the server on the telephone.

Security in the era of VoIP

When thieves want to break into a house, they usually carry out their own risk assessment beforehand:

If the expected value of the items they want to steal from the house outweighs the risks of breaking in, then they will make their decision. When hacking a business telephone system, the principles are similar, but the scale is different.

With the global VoIP market forecast to be worth $93.2 billion by 2024, hacking and exploiting phone systems (known on the scene as "cracking") is fast becoming a lucrative endeavour for suitably skilled cybercriminals. With the value of these ill-gotten gains increasing exponentially each year, it is imperative for everyone in the industry, including network operators, service providers, system integrators, IT administrators/users and, of course, the hardware and software vendors and manufacturers themselves, to prioritise and improve network security.

Not only the increase in the global market share of IP telephony offers an attractive target for hackers, but also the change in business behaviour.

And with the shift to remote working happening faster than originally predicted, the proliferation of BYOD (the practice of bringing your own device and using it in the company) and companies increasingly moving to all-IP solutions, the market is not only growing, it is changing rapidly. And where there is change, there is also uncertainty and unpredictable developments that provide fertile ground for those criminally inclined to exploit any opportunity that presents itself.

But how do they do it?
What are the most common methods used by criminally inclined and technically skilled hackers (crackers)?
What happens during a break-in?

To gain access to a telephony system, crackers need the password of the device they are targeting. To get this password and successfully compromise an IP PBX system, the hackers identify an IP extension on the network and then bombard this device with different passwords in the hope that one of them is correct. This sounds pretty futile, but many users do not change their default passwords. Also, hackers can send thousands of passwords to an extension in a matter of minutes. In many cases, it doesn't take long for the hackers to guess the right password and log into the IP-PBX system. Or they find vulnerabilities in a system so that they can bypass or overwrite the password requirements, or they use phishing methods, e.g. by posing as an IT administrator, to obtain passwords.

Unfortunately, the number of threats to networks is increasing, and a cursory search reveals an ominous list of malicious attacks such as

• "Brute Force",
• "Man in the Middle",
• “DDoS” (Distributed Denial of Service) and
• "Spoofing",

all of which pose a serious threat to unsecured communication.

Once a cracker has access to the system, there are many ways to bring down the IP telephone network and potentially deprive the company of large sums of money. One of the most common, and indeed most damaging, attacks involves professional criminals connecting an entire call centre to the compromised network port and rerouting thousands of calls through that one port in a short period of time. Depending on how the IP PBX routes its calls and how regularly the company receives its bills, this activity can go on for months before it is discovered, driving up the phone bill astronomically.

While this is the primary approach for crackers and fraudsters to exploit a poorly protected system, weak passwords and a lack of encryption in an IP PBX infrastructure can also open the door to other types of malicious activity. For example, the computerised structure of IP telephony makes it much easier than landline phones to surreptitiously record internal conversations. Instead of having to install a physical device, calls can simply be recorded with the right software. Often this type of threat comes from an employee within the company, making it difficult to protect against. If a company is using an unencrypted VoIP protocol, there is no barrier to prevent calls from being recorded. Even if the threat does not come from an employee or from outside groups with an interest in recording a company's phone calls, a Trojan could be used to install the recording tool. It gets even worse if the phone is used to penetrate the company network - the entire server structure, like a burglar entering a house via the basement.