Voice over IP (VoIP) telephone and conferencing systems bring flexibility for agile businesses and remote workers – and new security and financial risks.
While a correctly configured VoIP network significantly increases the security of your voice calls, there are many security weaknesses affecting VoIP that allow a malicious insider or an Internet-based attacker to compromise your VoIP infrastructure remotely. The greatest risks include attackers running up enormous phone bills or eavesdropping on telephone calls made both within your organisation and to your suppliers and customers.
SecureTeam have extensive experience in both securing and managing corporate VoIP environments and have worked with industry-standard VoIP technologies, including Asterisk, Avaya, Cisco, Microsoft & Yealink.
A review of your VoIP environment will give you peace of mind that calls within your organisation are being securely managed, that only authorised people and handsets are able to place calls and that your users' voicemail cannot be accessed maliciously.
Whether you have an established VoIP network, are migrating to VoIP from a legacy analogue network or are in the design stages of a new VoIP environment, we’re with you every step of the way in ensuring your communications stay secure.
Methodology
A targeted penetration test will be conducted on the VoIP (Voice over IP) network that is currently in use within the organisation. This test will identify vulnerabilities that could allow a malicious user to compromise or abuse the VoIP environment to make unauthorised calls, intercept conversations or pivot attacks into the corporate network.
As part of the VoIP penetration test, the network traffic that is sent between the handsets and the VoIP controller during phone calls will be analysed to identify vulnerabilities that may allow a malicious user to eavesdrop on the calls that are being made or inject malicious network traffic into handsets or the call manager. This provides you with visibility of the level of access that a malicious insider may be able to achieve if they have been able to obtain access to a registered handset.
Using a combination of automated and manual testing, our consultants will perform the following assessments on your VoIP infrastructure to ensure it has been deployed and configured securely:
- Inspection of the SIP network traffic to ensure that the information sent during the initiation and ‘teardown’ of VoIP calls is secure.
- Analysis of voice network traffic sent during calls to ensure it is encrypted.
- Review of the handset provisioning process to ensure the handset configuration cannot be modified.
- Check if unauthorised handsets or ‘softphones’ can be connected to the VoIP network.
- Network segregation test to ensure the VoIP network is adequately segregated from the corporate LAN (including any links to managed service providers).
- Vulnerability Assessment of VoIP infrastructure components.
Our consultants will manually inspect the network traffic that is sent during your VoIP calls to ensure it is encrypted and therefore not liable to interception or eavesdropping. A supplementary configuration review of your Call Manager, Session Border Controller (SBC) and handsets ensures you’ve taken every step possible in securing your voice communications.
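The signalling and media checks described above can be partly automated against SIP messages extracted from a packet capture. The script below is an added example, not SecureTeam's tooling: the INVITE messages it inspects are constructed (example.test hostnames, RFC 5737 addresses, a placeholder SRTP key) and the function names are assumptions of this example. It flags plaintext signalling (a Via transport other than TLS), media offered as plain RTP (RTP/AVP rather than RTP/SAVP), and a case that is easy to miss when a handset reports "SRTP on": an SDES key carried in an a=crypto line over unencrypted SIP, which hands the media key to anyone who can read the signalling.

```python
"""Assess SIP INVITE messages for encrypted signalling and encrypted media.

Added example, not SecureTeam's tooling. All sample messages are constructed
(example.test hosts, RFC 5737 addresses, placeholder keys and fingerprints).
"""


def build_invite(transport, scheme, media_proto, media_attrs=()):
    """Construct a minimal SIP INVITE with an SDP body (sample data only)."""
    attrs = "".join(f"{a}\r\n" for a in media_attrs)
    return (
        f"INVITE {scheme}:2001@pbx.example.test SIP/2.0\r\n"
        f"Via: SIP/2.0/{transport} 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
        f"From: <{scheme}:2000@pbx.example.test>;tag=1928301774\r\n"
        f"To: <{scheme}:2001@pbx.example.test>\r\n"
        "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
        "CSeq: 314159 INVITE\r\n"
        "Content-Type: application/sdp\r\n"
        "\r\n"
        "v=0\r\no=2000 2890844526 2890844526 IN IP4 192.0.2.10\r\ns=-\r\n"
        "c=IN IP4 192.0.2.10\r\nt=0 0\r\n"
        f"m=audio 49170 {media_proto} 0 8 101\r\n"
        "a=rtpmap:0 PCMU/8000\r\n" + attrs
    )


# Placeholder SDES key line; a real one carries a base64 master key + salt.
PLACEHOLDER_SDES = "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_NOT_A_REAL_KEY"

# Constructed samples covering the configurations seen in practice.
SAMPLES = {
    "plain_udp_rtp": build_invite("UDP", "sip", "RTP/AVP"),
    "tls_srtp_sdes": build_invite("TLS", "sips", "RTP/SAVP", [PLACEHOLDER_SDES]),
    "udp_srtp_sdes": build_invite("UDP", "sip", "RTP/SAVP", [PLACEHOLDER_SDES]),
    "tls_dtls_srtp": build_invite(
        "TLS", "sips", "UDP/TLS/RTP/SAVP", ["a=fingerprint:sha-256 PLACEHOLDER"]
    ),
}


def assess_sip_invite(raw):
    """Return transport, encryption status and human-readable findings."""
    head, _, sdp = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    request_uri = lines[0].split()[1] if len(lines[0].split()) > 1 else ""
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())

    # Topmost Via carries the transport, e.g. "SIP/2.0/UDP host:port;branch=..."
    via = headers.get("via", [""])[0]
    transport = via.split()[0].rsplit("/", 1)[-1].upper() if via else "UNKNOWN"
    signalling_encrypted = transport == "TLS" or request_uri.lower().startswith("sips:")

    findings = []
    if not signalling_encrypted:
        findings.append(
            f"signalling over {transport}: SIP headers, caller/callee identities "
            "and the SDP offer are readable on the wire"
        )

    # Walk the SDP: m= lines open a media section; a=crypto (SDES) and
    # a=fingerprint (DTLS-SRTP) record how SRTP keys are established.
    media, session_keying = [], set()
    for line in sdp.splitlines():
        if line.startswith("m="):
            mtype, port, proto = line[2:].split()[:3]
            media.append({"type": mtype, "port": int(port), "proto": proto,
                          "keying": set(session_keying)})
        elif line.startswith(("a=crypto:", "a=fingerprint:")):
            method = "sdes" if line.startswith("a=crypto:") else "dtls"
            (media[-1]["keying"] if media else session_keying).add(method)

    for m in media:
        if m["port"] == 0:
            continue  # stream rejected by the answerer; nothing will flow
        if "SAVP" not in m["proto"]:
            findings.append(f"{m['type']} offered as {m['proto']}: plain RTP, "
                            "anyone on the path can reconstruct the call")
        elif "sdes" in m["keying"] and not signalling_encrypted:
            findings.append(f"{m['type']} uses SDES SRTP but the a=crypto key was sent "
                            "over plaintext signalling; SRTP adds no confidentiality here")
        elif not m["keying"]:
            findings.append(f"{m['type']} offered as {m['proto']} with no a=crypto or "
                            "a=fingerprint: no key exchange, the offer fails or falls back")

    return {"signalling_transport": transport,
            "signalling_encrypted": signalling_encrypted,
            "media": media, "findings": findings}


if __name__ == "__main__":
    for name, invite in SAMPLES.items():
        result = assess_sip_invite(invite)
        print(f"{name}: transport={result['signalling_transport']}")
        for finding in result["findings"] or ["no findings"]:
            print(f"  - {finding}")
```

To use it on a real engagement, paste the text of each INVITE (and the 200 OK answer, which the same function parses) from a capture; an INVITE is the offer, so also assess the answer before concluding a call is protected. A negotiated RTP/SAVP offer still only shows intent: confirming that the RTP payloads on the wire are actually undecodable remains a manual step.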
Prerequisites
- Two desktop VoIP phones, with each phone being registered as a separate extension number.
- IP address of Call Manager / VoIP Server.
- If a configuration review is desired, a user account should be provided that has access to all settings within the Call Manager / VoIP Server.
- A signed and completed testing consent form
- An up to date network diagram
Deliverables
Engaging with SecureTeam for your VoIP Penetration Test will provide you with the following:
In-flight Support
Prior to your test commencing, our consultant(s) will discuss the scope of work with you, so that a full understanding is obtained of your VoIP environment and any other services it connects to – either in your network or over the Internet. This not only allows the test to run more efficiently, but also allows the discovered vulnerabilities to be rated more accurately in terms of risk.
During the testing phase, our consultant(s) will engage directly with you – notifying you of any critical vulnerabilities that may be present within your application or infrastructure and any evidence in our results that indicates a security breach may have already taken place.
Reporting
Once the project has been completed, you will be provided with the following:
Comprehensive Technical Report
Our clear & concise reporting format contains an Executive Summary that can be understood by all members of your organisation – including individuals who may be in management or non-technical roles. All vulnerabilities are explained to a sufficient level of technical detail, so that your development team and systems administrators can quickly pinpoint the root cause of the vulnerability and apply the recommended course of action.
Technical References
Where applicable, we provide additional reference URLs for each vulnerability, so that further information and mitigation advice can be obtained from reputable sources of technical information.
Risk-Based Approach with CVSS Scoring
A risk-based approach is used throughout the report and all vulnerabilities are scored in line with CVSS (Common Vulnerability Scoring System). This allows the contents of the report to be fed into your own internal risk assessments and allows a plan to be developed to address the vulnerabilities which present the highest risk to your organisation.
Secure & Encrypted Report Delivery
Due to the sensitive content which may be contained in our test reports, all test reports are delivered to our customers through a secure file delivery mechanism. All test reports are encrypted using AES-256 encryption and are secured with a strong, randomly-generated password which is delivered ‘out-of-band’ to you via SMS. The encrypted file is then delivered to you through an encrypted & expiring URL link – allowing you to download the test report securely to your workstation.
After Care
Once our consultancy engagement is complete and our final report has been delivered to you, our consultancy team remain available to you indefinitely for any questions you may have surrounding the report’s findings or our consultancy engagement with you.
We pride ourselves in partnering with our customers to provide ad hoc security advice and to ensure that our engagement with you doesn’t simply end once the final report has been delivered.
We are committed to ensuring that you receive the utmost value out of our consultancy services and look forward to developing a long-lasting business relationship with you.
Conference Call
Once you have received our final report, you have the option of attending a conference call between the consultant(s) involved in delivering your project and individuals within your organisation who you feel would benefit from a more in-depth discussion of the report’s findings.
A conference call is suitable for both management and technical staff. It provides you with the perfect opportunity to ensure that all vulnerabilities and their recommended course of action are fully understood by stakeholders and by the technical staff who will be tasked with applying the recommended course of action.
Find out more
If you'd like to find out more about our services or would like us to provide you with a quotation, please fill out the following form and one of our team will get in touch with you.