Attacks on VoIP - Denial of Service (DoS) Attacks

Listen Now

Table of Contents

Gone are the days of copper wires that transmitted phone signals from the early days of telephones, we’ve found yet another use for the internet; phone service. Since VoIP is a digital version of our old analog system, it’s an entirely different approach to voice communication. Unlike in the past when businesses required switching hardware and telephone sets, VoIP is heaven-sent since it requires little more than an inexpensive headset attached to a computer. 


VoIP solutions for businesses


As the Internet has evolved and become universally available, so has VoIP. As of 2013, 25% of U.S. households were using VoIP in place of their old landlines. Today, most medium to large businesses all over the world are using it, and it is expected to continue to grow rapidly well into the future. 

With all the features VoIP makes available to business, it’s the obvious way to go for your phone service. However, like any of the life-changing improvements the internet has given us, there is that thing often forgotten and thought about last; Security!  For this discussion regarding VoIP systems, we’re going to look specifically at Denial of Service (DoS) attacks. 


What is a DoS Attack


A Denial of Service attack is an attack on a network or device, preventing it from providing service or connectivity. A DoS is carried out by consuming the bandwidth of its target, flooding it with requests that prevent it from performing its useful functionality of serving legitimate requests for data or communication. 

When most people think of cyber attacks, they think of viruses, ransomware, and the like; but, those aren’t the only types of attacks that can wreak havoc on computing systems. For those who utilize VoIP systems, DoS attacks can cripple their telephone communication systems. If you have a VoIP system, it’s crucial that you learn how to safeguard your system from these dangerous invasions.

denial of service attack, cyber attack


Understanding SIP


In order to better comprehend the different types of VoIP DoS attacks, it’s important to understand Session Initiation Protocol (SIP) since you’ll see the phrase in the descriptions of the types of attacks. While VoIP refers to the “type” of phone call, SIP refers to the “protocol” used for setting up those calls. It defines the messages sent between endpoints and it establishes the elements of a phone call. Most IP phones you see in offices and businesses today are SIP-compatible phones, enabling those phones to make VoIP calls. Below are a few examples of VoIP DoS attacks.


Types of DoS Attacks on VoIP


Call Flooding - Call Flooding, sometimes called Mass Calling, is a DoS attack that involves directing large numbers of calls to a specific target for the purpose of preventing the normal operation of telephone services. In the case of call flooding, phones are kept ringing almost constantly. As soon as one call is cleared, the phone rings again. 

This type of attack doesn’t prevent all legitimate calls from reaching their destination, but depending on the severity of the attack, it can sharply limit a business's ability to communicate. This type of attack limits both incoming and outgoing calls. Call flooding is sometimes used as a way to extort payment from the victim to stop the attack, or to act as a cover while financial fraud takes place. 

Message Flooding - An SIP Message Flooding attack involves sending more SIP messages to the target than it can handle. If the target has insufficient memory or processing power to deal with the attack, it will either stop processing calls, or cause other functions of the system to simply stop working. 

SIP message flooding attack


Malformed Messages - Malformed Message Attacks are a SIP message that is either not compliant to the relevant SIP specifications, or the SIP stack / SIP parser of the target is not able to process correctly. The intention of a SIP Malformed Message attack is to cause the recipient of the attack to stop processing calls effectively. 

Caller ID Spoofing - Sometimes, malicious individuals will conduct caller ID spoofing. Attackers use spoofing to obtain information or facilitate scams against their targets. If an attacker can detect an insecure phone system default configuration, they can make, receive and transfer calls, using victims’ devices for covert surveillance.


Why VoIPs Are Targeted by DoS Attacks


As discussed, VoIP DoS attacks are generally carried out by flooding a target with unnecessary SIP call-signaling messages, thereby degrading the service; but why would someone unleash a destructive attack on a phone system? 

There are a variety of reasons, for instance: the attacker may want to cease proper operation of the target while the attacker gets remote control of their victim’s system, where they can then do their damage.  The attacker may hope to extort money from the organization they attack with the threat of continuing the attack until the ransom is paid. An attack may be launched in an attempt to disparage the brand name reputation of a company for unscrupulous reasons. At its very worst, a DoS attack may be launched for the purposes of political or state-sponsored terrorism. 


Preventing Dos Attacks on Your VoIP System


Despite the vulnerability of your VoIP system to DoS attacks, there are steps you can take to protect your system. You can protect your phone system using a SIP-aware firewall system at the VoIP network perimeter. The device works on the outer perimeter and separates legitimate VoIP traffic from VoIP attack traffic, allowing only legitimate traffic through to the system.


preventing denial of service attacks on VoIP system


To become even safer from attack, you must protect more than just your VoIP system. You must also protect your network.The servers and software that run the phone system need to be immune to attack. A DoS attack launched against the servers that run the Domain Name System (DNS) could result in a disruption of the VoIP system since the phone system relies on DNS to resolve the IP addresses for the VoIP devices. Mitigation of these types of attacks can be done using common network security practices. Firewalls to block traffic along with routers and switches set up with proper security settings. 

Also, if you have an outside VoIP provider, they should have the required security measures in place to help prevent DoS attacks. It’s in their best interest to build rock-solid security into their systems since they have many customers using their service. 

Whatever your VoIP configuration, don’t wait until a disaster occurs to address this type of threat. It’s much easier to stop a DoS from happening to your VoIP, than to clean up the mess that one individual can impose on your entire enterprise. 


New call-to-action

Categories: Security, VoIP

blogs related to this

How to Conduct a Cyber Security Assessment

How to Conduct a Cyber Security Assessment

Just about every company today is a technology company. Digitally transformed organizations operate on a solid technological foundation and...

How to Develop a Cybersecurity Strategy

How to Develop a Cybersecurity Strategy

Cybersecurity is perhaps the highest priority for most businesses around the world. And if it isn’t, it should be. That’s primarily because more and...

How to Implement a Cybersecurity Program

How to Implement a Cybersecurity Program

There are a few steps that businesses have to perfect before starting a cybersecurity implementation plan. First, they must conduct a thorough...

Everything You Need To Know About Windows 10 EOL

Everything You Need To Know About Windows 10 EOL

Since its release in July 2015, Microsoft’s Windows 10 has been one of the most widely used and popular operating systems worldwide. For many years,...

Artificial Intelligence Can Help Everyone - Including Scammers. What to Look For.

Artificial Intelligence Can Help Everyone - Including Scammers. What to Look For.

We all knew that artificial intelligence (AI) would be a great disruptor. However, now that the era of AI is upon us, its potential dangers and...

How to Protect Your Business From a Brute Force Attack

How to Protect Your Business From a Brute Force Attack

Data breaches are every business’s worst nightmare. With every passing year, hackers find new ways to gain unauthorized access to enterprises’ IT...

Minimize Risk and Maximize Security with Cybersecurity Insurance

Minimize Risk and Maximize Security with Cybersecurity Insurance

Cybersecurity insurance, also known as cyber insurance or cyber liability insurance, provides comprehensive coverage to businesses. It helps them...