igor - Fotolia

Manage Learn to apply best practices and optimize your operations.

VoIP vulnerabilities: Can VoIP data exfiltration be prevented?

Malicious actors can exfiltrate sensitive data over VoIP, creating a security hole for enterprises. Expert Kevin Beaver explains how this attack is carried out and how to protect against it.

I read that the voice media stream can be used as a channel to conduct VoIP data exfiltration. Can this be accomplished and, if so, how can I protect against it?

Here's the bad thing about computers and networks: Practically anything can be done to wreak havoc if ill-intent and technical means exist.

Data exfiltration can be carried out over traditional Voice over Internet Protocol (VoIP) protocols using a proof-of-concept code (such as data-sound-poc) that converts data files to their sound equivalent before being transmitted outside the network. Many VoIP applications such as Skype and Google Hangouts provide direct file transfer capabilities.

As far as protecting against such attacks, security teams need to be monitoring outbound network traffic for anomalies -- something likely best served using advanced technologies such as a next-generation firewall or intrusion prevention system. If you're technically advanced, you can also use a traditional network analyzer such as OmniPeek or Wireshark to monitor this traffic for anomalies such as unusual bandwidth usage. The difficulty here lies in the fact that you're going to have to know what to look for and -- in the case of encrypted traffic -- you might not see anything odd at all.

In the end, you're likely better served by monitoring the data itself using data loss prevention and good old-fashioned security basics such as strong passwords and well-thought-out share and file access permissions.

Ask the Expert!
Want to ask Kevin Beaver a question about network security? Send your questions now via email! (All questions are anonymous.)

Next Steps

Uncover a number of VoIP security best practices

Learn how to tackle VoIP security risks

Quiz your knowledge on VoIP security threats

This was last published in October 2014

Dig Deeper on IPv6 security and network protocols security