As the reliance on unified communications (UC) continues to grow across businesses, both large and small, the importance of keeping UC infrastructure secure has become more pertinent than ever. Security of the UC infrastructure requires a multilayered approach to be effective. While third-party service providers take care of the security aspect of UC, in-house UC management demands a focus on providing security for voice and video applications.
To ensure the safety of UC networks against threats, a general-purpose security infrastructure of a firewall, antivirus protection, and password-protected systems may not be enough. Attention must be directed towards providing security for the voice and video applications that run on the open Session Initiation Protocol (SIP), which provides the session setup for VoIP and video sessions, using the Real-Time Transport Protocol (RTP). The session border controller (SBC) is the infrastructure component responsible for setting up and running the VoIP and video sessions.
In the past, businesses would typically rely on a VoIP-aware firewall to protect UC network traffic. These firewalls were aware of ports used for SIP and able to stop certain attacks like denial of service (DoS), but they weren’t necessarily session-aware which meant they couldn’t stop more subtle threats. However, in recent years, some SBC vendors have integrated SIP-specific security components into their SBCs, which can replace or augment SIP and VoIP security provided by existing firewalls.
UC-specific security threats are constantly evolving and increasing in number day by day. Let’s take a look at some of the key unified communications security threats:
1) DoS:
Various DoS attacks specifically target VoIP systems, which involve flooding the system with requests and stop it from functioning. To combat UC-oriented DoS attacks, it is essential to determine which of the network components support rate limiting, especially if too many IoT devices are present on internal networks.
2) Theft of Services:
Attackers pose as legitimate users to exploit UC systems for their purposes. Hackers can make scam phone calls under the guise of legitimate calls; this could create trouble for your company and could, at a minimum, lead to a big headache as you try to prove to the authorities that your system was hacked.
3) Hacking Tools:
Attackers can take advantage of publicly available tools to cause damage. Several apps were initially designed as legitimate ways to audit VoIP environments but have been used maliciously to compromise UC systems.
4) UC in a Box:
The Zoom era, fueled by the COVID-19 pandemic and remote work, ushered in a new set of UC security concerns. This system delivers an entire UC ecosystem within a single application, including video conferencing, IM, and telephony. The massive installed base of these systems increases security vulnerabilities and make them a big target for hackers.
To safeguard your UC infrastructure, you must stay informed and vigilant about these threats. Know which UC systems your end-users are using and use a cloud access security broker to monitor and track the use of UC apps and block unauthorized use. Regularly track the revision history of your main UC system and control how often updates are made.
UC-specific security on firewalls, SBCs, and other systems are a must. Even though UC and VoIP security don’t seem to get as much press as other threat scenarios like ransomware, it’s important to remember that attacks on UC components can cause significant problems, if not detected and terminated. Ultimately, it is all about layered security. The more layered security is available to protect your UC system, the less likely it will be compromised.