Eavesdropping

  IT Threats, Voice Threats   -  

Privacy and confidentiality are key aspects of security, and in some environments are the primary security objectives when implementing IP Telephony networks. Eavesdropping on communications can be performed in several ways. An attacker may take advantage of vulnerabilities that exist in protocols or software implementations of VoIP components, to intercept communications between parties. Based on historical evidence from attacks on IP-based networks, it is possible to intercept communications (signaling and media) between users who reside in the PSTN and IP-based networks, respectively. In such scenarios, an attacker with access to an IP network (that is, corporate network) has the ability to monitor and capture signaling and media messages between two unsuspecting parties. Such an attack is easier to perform in IP-based networks because of the ease of access. Nowadays, there are a significant number of modern tools that allow us unprotected IP Telephony Calls.

Mitigations

Cisco IP Telephony offers you the capability to deploy authentication and encryption of communication channel (signaling and media) between devices, for example, Cisco IP Phones, CUCM, Voicemail Ports, conference bridges, and so on by virtue of certificates. Secure signaling is achieved by using Transport Layer Security (TLS). The secure signaling encapsulates the Skinny Client Control Protocol (SCCP) or Session Initiation Protocol (SIP) messages in TLS. Secure media transfer on the other hand provides confidentiality by encrypting the media stream between endpoints or an endpoint and application. The call is considered a Secure RTP (SRTP) call.