While VoIP and UC specific attacks get a lot of media attention and indeed present quite a few vulnerabilities, the real threat lies with voice-application attacks. The means of attack is not an IP scan, malformed packet, or flood of packets; rather, it is malicious calls exchanged between the Public Voice Network and the enterprise. As I have said before, the Public Voice Network has become much more hostile and it is so much easier for attackers to originate inbound malicious call attacks. Also, attacks such as toll fraud, which involve outbound calls, continues to be an issue and are getting worse.
Some of the types of malicious calls and their impact on the network include:
- Harassing calls - calls that harass or threaten users, attempt to sell produces/services, and trick users into calling a number to gather personal information
- Call pumping - artificially drive traffic into 1-800 contact centers to share revenue.
- Social engineering/fraud - calls that attempt to trick agents into performing illicit financial transactions
- Telephony Denial of Service (TDoS) - so many calls, that the target site is overwhelmed and can't process legitimate calls.
- Toll Fraud - cause the enterprise financial loss through long distance abuse and toll fraud.
- Modem access - either to a key computing resource or outbound to an ISP, creating a backdoor into the enterprise data network.
Some of these issues affect all parts of the enterprise. Certain issues either only affect contact centers or are certainly more acute in contact centers. TDoS is an example of an attack where it can affect any part of the enterprise, but is more acute in contact centers because of the value of calls and the ease of which an attacker can set up an attack (all they need is a 1-800 number).