Panamax: Beware SIP-Bbased Cyber-Attacks

 

In the face of cyber-attacks from potential hackers, firewalls alone are not sufficient to protect a VoIP network.

According to Panamax‘s white paper, “Tomorrow Starts Today: Security for SIP-Based VoIP Communications Solutions,” SIP services introduce security concerns centered around a raft of technologies. SIP brings tremendous advantages when used to support IP communications solutions for voice, video, unified communications (UC), presence, IM/chat and conferencing. But, SIP-based communications are also a gateway to an entire network.

Left undefended, enterprises and small to medium-sized businesses (SMBs) are exposed to potentially debilitating cyber-attacks and exploitation of their IP network when they use SIP services. As such, they require a robust, seamless approach to network security, including understanding hackers’ tactics and motivations, sufficient in-house skills, and a consistent strategy to safeguard against intrusion.

The paper takes a comprehensive look at how IT practitioners must understand that cyber-criminals are continuously looking to exploit SIP openness for various reasons, either to gain free services or to steal sensitive information from an enterprise network.

The most common modus operandi of hackers worldwide is to flood enterprise network with useless traffic.  The additional traffic pumped onto the network burdens bandwidth and chokes resources available to support VoIP communications solutions. These Denial of Service (DoS) attacks can be seriously troublesome for the company experiencing the ongoing assault on their network. To prevent a disruption of communications, which can lead to gradual loss of customers or a full-blown data breach, companies should prepare a proper defense for the variety of SIP trunking vulnerabilities that can adversely affect their business.

Panamax noted that there are many methodologies to preempt and mitigate these disruptions, including Real-Time Transport Protocol (RTP) protection, creating virtual LANs (VLANs) within the local network, and enterprise-grade session border controllers (SBCs), which constantly monitor network traffic along with usage pattern analysis to identify an SIP attack.