The briefing lists several reasons why VoIP is insecure, as well as the meta-consequences of this insecurity.
Here, according to the CSIA, are why VoIP is vulnerable:
- Because of VoIP's processing demands, standard cyber security equipment and measures often do not protect VoIP. Instead, when measures are attempted they just result in packet delay - and poor voice quality.
- Caller ID services, including those used by first-responder groups, can be bypassed by IP telephony.
- IP telephony hubs can be hacked, and the information stored there can be revealed to unscrupulous people and organizations.
- VoIP voice mail is vulnerable. Since voice mail messages are, in essence, computer files, these files can be hacked and then redistributed to unlimited numbers of users.
- VoIP conversations can easily be recorded, duplicated and quickly distributed to unauthorized recipients.
- VoIP over Wi-Fi is subject to interception by radio scanners.
Recommendations about how to fix these security flaws will be presented at the CSIA's "Workshop on Securing Voice over IP; 'Harmonizing Technology and Policy,'" to be held in Washington on June 1-2.
Because the report seeks to galvanize action on the part of lawmakers and policy makers, the location of the workshop is intentional.
Do you think the CSIA has a point? Or, to be more precise, six of them? Are some of their points more valid than others? Did they miss anything? TalkBack to us.