T 4.58 Vulnerabilities relating to the use of VoIP end devices

There are two different types of VoIP end devices: hardphones and softphones. Hardphones are stand-alone devices that usually run proprietary operating systems and are connected directly to the IP network. Some hardphones load their current configuration using the TFTP protocol.

Softphones are application programs whose functionality matches that of hardphones and which are installed on a computer. To access the IP network, a softphone uses an interface on the computer that it shares with other installed applications.

For the most part, all VoIP end devices offer similar functions that can be impaired by malicious software. The threats range from partial impairment of normal operations to the attacker taking complete control of the device.

If the security precautions taken are poor, malware such as Trojan horses can spread throughout the system. Trojan horses can be used on a VoIP network to transmit private information of a subscriber or the contents of a conversation held during the telephone call to an attacker, for example.

Malicious software may also attempt to make calls without the user knowing it, or to find and transmit information on the telephone calls made or private telephone numbers from the address book.

When a call is initiated by a user, devices establish the connection according to the settings in the configuration and the telephone number selected. Manipulation of the configuration or firmware of the device can disrupt the dialling process or even redirect the call through the infrastructure of the attacker. In this manner, the attacker may also be able to listen in on the next telephone call under certain circumstances.

When the caller terminates the call, an infected device could simulate the signal designating the end of the call while maintaining the connection in the background. This connection could then be used to listen in on the user. If a device is infected by malware, the malware could also suppress the signals of incoming calls without the person being called even noticing this. The result is that this user can no longer be called by telephone.
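From a monitoring point of view, a connection that is held open after a simulated hang-up shows up as media traffic that continues after the end-of-call signal. The following is an added example, not part of the original catalogue text: it flags such calls in flow records from a hypothetical network sensor. The record layout, the event names ("setup", "end_signal", "media") and the grace period are assumptions, and the sample records are constructed.

```python
# Constructed sample records from a hypothetical network sensor:
# (seconds, call_id, device, kind); kind is "setup", "end_signal" or "media".
SAMPLE_EVENTS = [
    (0.0,  "call-1", "phone-a", "setup"),
    (1.0,  "call-1", "phone-a", "media"),
    (60.0, "call-1", "phone-a", "end_signal"),
    (60.4, "call-1", "phone-a", "media"),   # packet still in flight, within grace
    (0.0,  "call-2", "phone-b", "setup"),
    (2.0,  "call-2", "phone-b", "media"),
    (45.0, "call-2", "phone-b", "end_signal"),
    (50.0, "call-2", "phone-b", "media"),   # media keeps flowing after hang-up
    (95.0, "call-2", "phone-b", "media"),
    (5.0,  "call-3", "phone-c", "media"),   # media the sensor cannot tie to a setup
]

GRACE_SECONDS = 2.0  # assumed tolerance for packets already in flight


def find_suspicious_media(events, grace=GRACE_SECONDS):
    """Return {(call_id, device): reason} for media that should not exist."""
    setup = set()   # calls for which a setup was observed
    ended = {}      # (call_id, device) -> time of first end-of-call signal
    findings = {}
    for ts, call_id, device, kind in sorted(events):
        key = (call_id, device)
        if kind == "setup":
            setup.add(key)
        elif kind == "end_signal":
            ended.setdefault(key, ts)
        elif kind == "media":
            if key not in setup:
                findings[key] = "media without call setup"
            elif key in ended and ts - ended[key] > grace:
                # Keep the first violation so the reported delay is the earliest one.
                findings.setdefault(
                    key, f"media {ts - ended[key]:.0f}s after end of call")
    return findings


if __name__ == "__main__":
    for (call_id, device), reason in find_suspicious_media(SAMPLE_EVENTS).items():
        print(f"{device} {call_id}: {reason}")
```

The check only works where the sensor sees both signalling and media of the device, and the grace period has to be tuned to the network's normal delay.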

Another potential type of attack using malware is to secretly activate the microphone of a VoIP end device to record the conversations in the room and transmit them to the attacker via VoIP. The amount of time and effort required to develop malware with such functionality is relatively low since the VoIP functionality needed (codecs, VoIP protocols) is already implemented on the end devices and can be used by the malware.

The degree to which the described risks actually threaten a device depends on several factors, for example the type and settings of the operating system, whether or not resources are shared with other applications (for example in the case of softphones), and the protection mechanisms implemented.

In general, softphones are more susceptible to attacks from malware than hardphones, because softphones are usually based on widely used operating systems and share resources with other installed applications (which may have their own vulnerabilities). In contrast, hardphones have their own, separate network interface and are usually based on proprietary operating systems whose settings have been customised to provide the required functionality. For this reason, they can generally only be attacked by malware that has been specially developed for precisely these operating systems.