Seven Deadliest Unified Communications Attacks


  • Dan York, (CISSP)

Seven Deadliest Unified Communications Attacks provides a comprehensive view of the seven deadliest attacks against a unified communications (UC) infrastructure. It looks at the intersection of the various communication technologies that make up UC, including Voice over IP (VoIP), instant messaging (IM), and other collaboration technologies. The book consists of seven chapters that cover the following: attacks against the UC ecosystem and against UC endpoints; eavesdropping and modification attacks; control channel attacks; attacks on Session Initiation Protocol (SIP) trunks and public switched telephone network (PSTN) interconnection; attacks on identity; and attacks against distributed systems. Each chapter begins with an introduction to the threat along with some examples of the problem. This is followed by discussions of the anatomy, dangers, and future outlook of the threat, as well as specific strategies on how to defend systems against it. The discussion of each threat is also organized around the themes of confidentiality, integrity, and availability.


Audience: Information security professionals of all levels; recreational hackers


Book information

  • Published: April 2010
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-547-9


Table of Contents


About the Author


Chapter 1 The Unified Communications Ecosystem

    Anatomy of Attacks against the UC Ecosystem

    Dangers Associated with the UC Ecosystem


         Toll Fraud

         Exposure of Information

    Future of Attacks against the UC Ecosystem

         Social Software and Services

         Public Versus Private Information


         Mashups and APIs

         It’s All about the Cloud

         Bright Shiny Objects

    How to Defend Your UC Ecosystem

         Strategy #1: Identify All Ecosystem Components

         Strategy #2: Develop Security Plans for All Components

         Strategy #3: Engage in Holistic Ecosystem Testing


Chapter 2 Insecure Endpoints

    Anatomy of Attacks against UC Endpoints

         General DoS Attacks

         Finding Endpoints to Attack

         Default Passwords

         Hidden Accounts

         Undocumented Services

         Web Exploits

         Protocol Fuzzing

         Local Files

    Dangers of Attacks on Endpoints

         Denial of Service or Availability

         Toll Fraud

         Eavesdropping or Exposure of Information


    The Future of Attacks against UC Endpoints

         More Powerful Endpoints

         Migration into Software

         Commodity Operating Systems

         Heterogeneous Deployments


         Massively Distributed Endpoints

    How to Defend Your Endpoints

         Strategy #1: Identify All Connected Endpoints

         Strategy #2: Change Default Passwords!

         Strategy #3: Turn off Unnecessary Services

         Strategy #4: Develop Patch Plans for All Endpoints

         Strategy #5: Understand How to Update and Secure Remote Endpoints


Chapter 3 Eavesdropping and Modification

    Anatomy of Eavesdropping and Modification Attacks

         Getting between the Endpoints

         Using Wireshark to Capture Voice

         Using Wireshark to Capture IM Traffic

         Capturing Audio, Video, and IM using Other Tools

         Modification Attacks


    Dangers of Eavesdropping and Modification Attacks

         Exposure of Confidential Information

         Business Disruption


         Loss of Trust

    The Future of Eavesdropping and Modification Attacks

         Increasing Market Size

         All-IP Enterprise Networks

         Cloud and Hosted Systems

         Federation between UC Systems

         Continued Endpoint Distribution

    How to Defend against Eavesdropping and Modification Attacks

         Strategy #1: Encryption of Voice and Video

         Strategy #2: Encryption of IM


Chapter 4 Control Channel Attacks: Fuzzing, DoS, SPIT, and Toll Fraud

    Anatomy of Control Channel Attacks

         Eavesdropping Attacks

         Modification Attacks

         Denial-of-Service Attacks

         Elevation of Authority or Password Cracking


         Spam for Internet Telephony

    Dangers of Control Channel Attacks

         Toll Fraud

         Denial of Service

         Exposure of Confidential Information

         Patterns in Aggregation


         Loss of Trust

    Future of Control Channel Attacks

         Integration with Social Networks and Services

         PSTN Bypass

    How to Defend against Control Channel Attacks

         Strategy #1: Encrypting the Control Channel

         Strategy #2: Limit and Secure Interconnection Points

         Strategy #3: Use Strong Authentication

         Strategy #4: Deploy SBCs or SIP-Aware Firewalls

         Strategy #5: Auditing or Monitoring


Chapter 5 SIP Trunking and PSTN Interconnection

    Anatomy of Attacks on SIP Trunks and PSTN Interconnection

         Understanding SIP Trunking

         Attacks against SIP Trunking

    Dangers of Attacks on SIP Trunks and PSTN Interconnection

         Toll Fraud


         Corporate Espionage/Exposure of Confidential Information


         Spam for Internet Telephony

    The Future of Attacks on SIP Trunks and PSTN Interconnection

         Reasons for Growth

         Increased Market Size

         More ITSP Entrants with Few Cares about Security

         Expansion of the PSTN Trust Boundary

    How to Defend against Attacks on SIP Trunks and PSTN Interconnection

         Strategy #1: Understand Your ITSP

         Strategy #2: Establish a Secure Transport Layer

         Strategy #3: Ensure Strong Authentication Is in Place

         Strategy #4: Consider the Same Service Provider as Your Data/Internet Provider

         Strategy #5: Establish a Business Continuity/DR Plan


Chapter 6 Identity, Spoofing, and Vishing

    Anatomy of Attacks on Identity

         Caller ID Spoofing on the PSTN

         Identity Modification at the Originating Endpoint

         Identity Modification at Source System

         Identity Modification in Transit


    Dangers of Attacks on Identity


         Identity Theft

         Social Engineering

         Reputation Damage


         Erosion of Trust

         Deceiving Automated Systems

    The Future of Attacks on Identity

         Interconnection and Federation

         RFC 4474 SIP Identity and Whatever Comes Next

         Social Identity Systems

    How to Defend against Attacks on Identity

         Strategy #1: Educate Your Users about Potential Threats and What Not to Trust

         Strategy #2: Understand and Lock Down Holes that Allow Spoofing

         Strategy #3: Evaluate Strong Identity Solutions

         Strategy #4: Monitor and Participate in Ongoing Identity Discussions


Chapter 7 The End of Geography

    Anatomy of Attacks against Distributed Systems

         Attacks against Remote Workers

         Attacks against Branch Offices

         Attacks against Distributed Systems

         Attacks against Cloud-based Services

         Attacks against Federation

    Dangers of Attacks against Distributed Systems

    The Future of Attacks against Distributed Systems


         Social Networks

         New Collaboration Technologies

         Movement into the Cloud

    Geography Does Matter

    How to Defend against Attacks against Distributed Systems

         Strategy #1: Deploy Secure Firewall Traversal Mechanisms

         Strategy #2: Ensure Understanding of Security at Fixed Locations

         Strategy #3: Understand Security Ramifications of Federation

         Strategy #4: Ensure Secure Authentication

         Strategy #5: Secure Your Connections to Services in the Cloud