igor - Fotolia
I read that the voice media stream can be used as a channel to conduct VoIP data exfiltration. Can this be accomplished and, if so, how can I protect against it?
Here's the bad thing about computers and networks: Practically anything can be done to wreak havoc if ill-intent and technical means exist.
Data exfiltration can be carried out over traditional Voice over Internet Protocol (VoIP) protocols using a proof-of-concept code (such as data-sound-poc) that converts data files to their sound equivalent before being transmitted outside the network. Many VoIP applications such as Skype and Google Hangouts provide direct file transfer capabilities.
As far as protecting against such attacks, security teams need to be monitoring outbound network traffic for anomalies -- something likely best served using advanced technologies such as a next-generation firewall or intrusion prevention system. If you're technically advanced, you can also use a traditional network analyzer such as OmniPeek or Wireshark to monitor this traffic for anomalies such as unusual bandwidth usage. The difficulty here lies in the fact that you're going to have to know what to look for and -- in the case of encrypted traffic -- you might not see anything odd at all.
In the end, you're likely better served by monitoring the data itself using data loss prevention and good old-fashioned security basics such as strong passwords and well-thought-out share and file access permissions.
Ask the Expert!
Want to ask Kevin Beaver a question about network security? Send your questions now via email! (All questions are anonymous.)
Uncover a number of VoIP security best practices
Learn how to tackle VoIP security risks
Quiz your knowledge on VoIP security threats
Dig Deeper on IPv6 security and network protocols security
Related Q&A from Kevin Beaver
The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains ... Continue Reading
While most mobile platforms provide levels of security from mobile cryptojacking, IT must still be aware of the risks and procedures to address an ... Continue Reading
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.