VOIP: back door to your company data

This week it was announced that malware in well-known VOIP software has penetrated deeply into Dutch organizations. An edited version of telephony software 3CX was found to contain malware. With a simple check you can be sure that you will not be the next victim.

The telephony software has a desktop version in addition to a web version. A desktop version is often more convenient and faster, but it now made you more susceptible to hackers and malware.

In this case, counterfeit software was offered. It hardly differed from the original, except that it contained malware. That malware accessed your browser history and data about your PC and operating system. This data is then shared. Assume those are now for sale on the Dark Web.

From VOIP to PC and server

It is good to consider the method of access. Telephony software also uses your network. This also makes telephony a usable entrance for hackers to access all devices on your network.

Is it on your organization's radar that telephony software can also be a target for hackers? If not, then it is high time to also investigate VOIP for weaknesses. And above all: to what extent VOIP can be abused for access to the rest.

Solutions Partners

The good news is: our Solutions Partners like Palo Alto, CheckPoint, WatchGuard and Fortinet are armed against this. For that reason, our customers are not affected.

The learning point of this attack is that you must have the entire network on the radar. So it's not enough just to monitor PCs and servers. Because while you check that, attackers can gain access via VOIP.

It will probably be discovered eventually. But then it's already too late. Be ahead of them with a network scan from Aumatics. Then you'll know if you're keeping them out before they try.