While the News of the World phone-hacking scandal has revealed the growing risks inherent in mobile phone communications, users should not overlook the privacy risks involved in voice over IP – VoIP – landline communications, according to a report in the latest issue of E&T magazine.
Privacy is an important social expectation, but the issue of confidentiality is questioned when businesses use VoIP, the report warns. Criminals can tap and eavesdrop into confidential conversations and by monitoring voice traffic, masquerade as another VoIP caller. This is done by the hacker injecting a fake caller ID into an ordinary VoIP call allowing the receiver to believe it is coming from a trusted source. Once the receiver discloses personal information, the hacker can commit identity theft.
VoIP describes a set of services used to manage the delivery of voice transmissions over a broadband Internet connection. It works by transmitting analogue voice signals as digitised packets over the Internet allowing it to share the same connections as other digital technologies.
The technology is an attractive communication option for the commercial sector. Though businesses have heavily invested in protecting their data networks from cyber threats, it is arguable they have neglected to understand the security issues concerned with VoIP.
“The strengths of VoIP bring with them new security challenges and new compliance requirements that cannot be met by the existing security architecture,” says Adam Boone, vice-president of product management at unified communications security firm Sipera. ''When companies use third-party applications to conduct business communications, it cannot be verified that privacy is maintained and corporate information is safe.'
The report identifies five prime areas of VoIP security concerns: toll fraud, privacy, vishing, denial of service (DoS) and spam.
VoIP: Voicing security concerns