Johna Till Johnson
April 9, 2019
When it comes to securing communications infrastructure, there’s good news and bad news. The good news is that awareness of the need to secure communications infrastructure has skyrocketed over the past few years. Communications security didn’t even crack the top 10 concerns cited by cybersecurity professionals back in 2016. Today it’s among the top six.
The bad news is that granularity is still lacking. Many cybersecurity professionals are unaware of many of the most common vulnerabilities, including the potential for SIP hacking, man-in-the-middle attacks, TLS/SSL vulnerabilities, and the like. And even among those who are aware, these vulnerabilities comprise an unsolved problem: Roughly 70% say they’re “somewhat concerned” or “very concerned” about them.
The solution? Cybersecurity professionals should start by implementing a focus on communications security. That means putting in place a budget, staffing, and an architecture and roadmap for addressing known and future vulnerabilities.
Beyond that, they should require security as a key selection criterion when choosing communications products. Key features include the ability to deliver on key functions including encryption, authentication, logging, auditing, and high availability. It’s also important that prospective solutions be extensible and able to integrate with other products via APIs.
Table of Contents
- Executive Summary
- Communications Security: The Missing Link
- Common Vulnerabilities
- SIP Hacking (Data Exfiltration via RTP)
- SIP Interception: MTM
- Other Vulnerabilities
- Logging, Auditing, and Fraud Prevention
- The Communications Architecture
- SBC as Security “Master Control Point”
- Encryption and Data Protection
- Logging, Auditing, Compliance, and Fraud Prevention
- APIs for Security Integration
- Next Steps: Action Items for Securing Communications Infrastructure