
Context warns of VoIP wars at Black Hat USA

A lack of understanding of modern VoIP and unified communications security opens many service providers and businesses to cyber attack, a Context IS researcher warns at Black Hat USA

Security teams are struggling to keep pace with the growing number of exploits for voice over internet protocol (VoIP) vulnerabilities available to cyber attackers, researchers warn.

The attack surface is growing rapidly as organisations increasingly turn to VoIP and cloud-based unified communications (UC) systems to support commercial services and corporate communications.

“A lack of understanding of modern VoIP and UC security means that many service providers and businesses are leaving themselves at risk to threat actors repurposing this exposed infrastructure for attacks such as botnets, malware distribution, vishing, denial of service attacks and toll fraud,” according to Fatih Ozavci, a managing consultant with Context Information Security.

At the Black Hat security conference in Las Vegas, which ends on 4 August, Ozavci highlighted potential vulnerabilities in major UC product suites and messaging platforms. The vulnerabilities allow hackers to bypass security measures, inject malicious content into messaging, spoof caller identities and bypass billing, and they sit alongside problems caused by insecure configurations.

“By exploiting these vulnerabilities, attackers could gain unauthorised access to client systems or communication services such as conference and collaboration, voicemail, SIP trunks and instant messaging,” said Ozavci.


His Black Hat presentation highlighted weaknesses in UC messaging, federated communications and collaboration services that could be used to gain unauthorised access to the UC environment and client systems, as well as to attack client systems through signalling protocols and messaging.

“These attacks can be used to compromise the client systems connected using protocol and software vulnerabilities,” said Ozavci, adding: “Dial plans, misconfigured SIP trunks, conference and network infrastructures are also major targets for advanced attacks.”

The Context IS researcher has also looked at media transport protocols such as the secure real-time transport protocol (SRTP), which carry voice calls as well as file, desktop and presentation sharing.


The media transmitted may contain confidential or sensitive information that is subject to PCI, Cobit or other compliance requirements, such as credit card information on calls to interactive voice response (IVR) services or customer privacy information.

“Due to insecure encryption and design issues, sensitive information in the media that’s been transmitted can be exposed and compromised,” said Ozavci.  

To help raise awareness of these VoIP and UC vulnerabilities, Ozavci has developed the open source tools Viproxy and Viproy, which can be used for VoIP penetration testing.
