Cyber Security Group: six reasons why VoIP is vulnerable

This morning, the Cyber Security Industry Alliance (CSIA) released a briefing that strongly presents the case for research and development activities to improve VoIP security.The briefing lists several reasons why VoIP is insecure, as well as the meta-consequences of this insecurity.

This morning, the Cyber Security Industry Alliance (CSIA) released a briefing that strongly presents the case for research and development activities to improve VoIP security.

The briefing lists several reasons why VoIP is insecure, as well as the meta-consequences of this insecurity.

Here, according to the CSIA, are why VoIP is vulnerable:

  • Because of VoIP's processing demands, standard cyber security equipment and measures often do not protect VoIP. Instead, when measures are attempted they just result in packet delay - and poor voice quality.
  • Caller ID services, including those used by first-responder groups, can be bypassed by IP telephony.
  • IP telephony hubs can be hacked, and the information stored there can be revealed to unscrupulous people and organizations.
  • VoIP voice mail is vulnerable. Since voice mail messages are, in essence, computer files, these files can be hacked and then redistributed to unlimited numbers of users.
  • VoIP conversations can easily be recorded, duplicated and quickly distributed to unauthorized recipients.
  • VoIP over Wi-Fi is subject to interception by radio scanners.

Recommendations about how to fix these security flaws will be presented at the CSIA's "Workshop on Securing Voice over IP; 'Harmonizing Technology and Policy,'" to be held in Washington on June 1-2.

Because the report seeks to galvanize action on the part of lawmakers and policy makers, the location of the workshop is intentional.

Do you think the CSIA has a point? Or, to be more precise, six of them? Are some of their points more valid than others? Did they miss anything? TalkBack to us.