Whether the SARS-CoV-2 pandemic has prompted you to telecommute from home, or if you simply want to feel more secure in your home or office, you should know that that wireless phones and VoIP they are a target for many cybercriminals looking to attack businesses or individuals.
Keep in mind that a cyberattack can lead to significant losses for the business, as well as leakage of sensitive information from the company itself or from customers. Therefore, to prevent them from listening in on your conversations, you should follow some practical advice that you can apply yourself.
Table of Contents
The old ones landlines they are still alive in many businesses and homes, although little by little they have been replaced by mobile telephony and VoIP. Despite their age, they are still one of the most stable and best communication methods for long distance calls.
However, fixed telephony also it has evolved quite a bit in recent decades. From the primitive telephones to the current cordless telephone. Wireless technology has become cheaper and mature until it has managed to displace the conventional telephone.
With the new cordless phone you avoid cable limitations, being able to move where you need while making the call, as long as you are under the coverage range of the wireless technology used.
Old wired lines could be eavesdropped on phones, but it can also be done on modern wireless and VoIP lines. Although it is true that the current cordless phone has gone from using AM radio waves broadcast in the open and without protection (they could be intercepted) even communications with encrypted digital technology to protect it from prying ears.
So is the cordless phone safe?
They do not exist nothing 100% sure, cybercriminals find new vulnerabilities and types of attacks in order to carry out the attacks. Also, depending on the technology your wireless phone uses, it may be more or less easy to intercept a conversation.
If the wireless phone you have does not specify that it has technology DDS (Digital Spread Spectrum) or DECT (Digital Enhanced Cordless Technology), then you are transferring in analog technology (even if they are wireless).
In case of being analog, you will be in front of wireless phones most vulnerable. While the digital ones are somewhat more secure, but they are not totally free of attacks in which third parties could listen to the conversation you are having. Some pentesters and cybercriminals have managed to intercept DECT encrypted conversations like the one used by some of today's wireless phone manufacturers.
To be able to intercept conversations, attackers would only need specific software and hardware. In addition, the software tools are open source and free, so it is not difficult to get what you need for espionage. While the necessary hardware goes through simply having a PC with a specific wireless network card for DECT (fortunately it is neither easy to find nor cheap).
Today DECT is evolving to implement new security measures to the standard to make it safer. But not all cordless phones will adopt them, so there could be many vulnerable models.
How to protect your phone against wireless attacks
Typically, unless your company handles especially valuable informationIt is not profitable to buy the necessary hardware to spy on certain targets. But that shouldn't make you relax, since once a cybercriminal has the necessary material, they can use it for many of their victims.
Another advantage of this type of technology is that to intercept DECT communication data it is necessary for the cyber criminal to this next to the facilities where you have the wireless phone installed. The good thing is that the coverage ranges of these are not very large, so it is more difficult to capture the signal.
Despite that, some tips that you should keep in mind are:
- If you have an analog cordless phone, switch to a more secure DECT. If you are paranoid, better use a corded phone for the most sensitive calls or an encrypted VoIP one.
- In a large office or home, place the phone in the center of the building. This will make it more difficult for the signals to be intercepted. It should never be close to a wall with an adjacent dwelling, or close to the exterior walls of the building.
Specific measures for VoIP phones
Each filtering bag VoIP phones They use the Internet IP protocol to carry out communications, instead of conventional telephone wiring like the traditional ones. Therefore, it is necessary to implement other different measures to try to improve the security of your network:
- Using a router with VPN to encrypt all network traffic can be a great option for protecting VoIP communications.
- A separate VLAN could be used for telephony from the network you use to browse.
- Invest in cybersecurity companies that can perform security audits on your network to reinforce any weaknesses that may exist.
- Train your employees, because when the system is secure, the best way to get what you want is to go for the weakest link: the user.
Other additional measures
It is not only important to protect equipment, it is also maintain security measures for your employees and for yourself in the office. Therefore, it would be advisable to respect a series of additional measures while there is no vaccine or effective treatment against Covid-19. These basic measures go through:
- Maintain a safety distance of 2 meters between people and avoid crowds.
- Wear approved masks whenever working indoors with more people or outdoors if the safety distance cannot be maintained.
- Hand washing and surface disinfection.
- Use of protective screens, gloves, and other items if necessary.