Intercepting Avaya VOIP phone calls is possible now

Cybersecurity risks related to phone use are usually limited to the physical integrity of a device or the use of mobile applications that can connect to the Internet. However, network security experts claim to have detected a new risk scenario, especially dangerous in corporate environments.

A recent investigation by security firm McAfee found issues in Voice over Internet Protocol (VoIP) phones made by Avaya that would allow a malicious actor to run code remotely in the device's software. Experts recommend checking for firmware updates for these devices.

Network security experts consider that these flaws compromise some of the main features of VoIP telephony, such as the relay of sensitive information. During the investigation, an error was detected in Avaya's source code, and a proof-of-concept designed by the researchers demonstrates that there are various attack vectors for taking control of a device remotely and extracting conversations, file logs, etc.

In this regard, the company issued a statement saying: “We have a well-defined policy on software updates to ensure that our products are kept safe from known security threats.” In addition to applying the relevant updates, Avaya advised its customers to limit physical access to their devices to responsible personnel, as intrusions could begin with just an oversight.

Avaya is, together with Cisco, the most widely used provider of VoIP services, as it is accessible to any company and is also easy to use. Avaya maintained its dominant position in the market even after filing for bankruptcy a couple of years ago.

Unfortunately, this isn’t the only flaw affecting Internet of Things (IoT) devices recently discovered by network security specialists. In a new security report, Microsoft unveiled a cyberattack campaign perpetrated by Russian hackers that exploited some weaknesses in the security of any Internet-connected device.

Disseminating this kind of information is vital to the cybersecurity environment of thousands of companies around the world. If these issues go unnoticed by business IT staff, highly sensitive information could be exposed to any attacker with the necessary knowledge and resources, compromising the stability of organizations. “Currently, the number of IoT devices used in companies far outperforms other traditional computer and telephony equipment, so the risks in any industrial sector are huge,” the experts added.

According to network security specialists from the International Institute of Cyber Security (IICS), one of the most common risk scenarios in the use of IoT equipment nowadays is the lack of proper software updates. The absence of security updates is one of the main causes of leakage of sensitive information via remote access, among other attack variants. While it is impossible to avoid all security threats on IoT devices, software updates can be critical to preventing multiple chaotic scenarios for a company’s information security environment. In addition, IT teams should consider that the use of these devices will keep growing in the future, so stricter security measures are critical.