German security agency warns of VOIP security risks

Germany’s Federal Office for Security in Information Technology (BSI) is warning businesses of potential security risks with VOIP (voice over Internet Protocol) technology in a study presented at the Systems IT exhibition and conference in Munich.

The VoIPSEC report, released on Monday at the opening of Systems, appeared one day before Skype Technologies SA, one of the world’s largest providers of VOIP service, acknowledged critical flaws in its software and urged users to upgrade to the latest version.

In its report, BSI warns that although no spectacular attacks in the business world have been reported yet, it’s only a matter of time before problems will emerge.

The report lists 19 varieties of attacks on VOIP systems. These, in turn, can lead to a number of security threats, such as identity theft, data manipulation, transmission errors and incorrect billing.

Also, VOIP opens the door to the various forms of malicious software wildly spreading in data networks, such as viruses, worms and Trojan horses, according to the report.

Authors of the VoIPSEC study urge companies to analyze where they plan to implement VOIP, how crucial secure communication is to that particular business process and what level of security can be ensured. And although one of the biggest sales pitches of companies supplying VOIP systems is convergence of voice and data networks, the authors are recommending a separation of IP voice and IP data networks.”

The study is available in German at: http://www.bsi.de/literat/studien/VoIP/index.htm.

In a panel discussion at Systems, Manfred Fink, president of Fink Security, urged businesses to be careful of the current hype surrounding VOIP. “Manufacturers are telling businesses how they can save money by converging their voice and data networks,” he said. “But IT managers should be aware that the money they may save in combining their IP voice and data networks could be offset by the money they will need to spend to make these networks secure.”

Detlev Henze, a security expert in the IT security unit of the safety control agency T

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now