IBM warns of rising VoIP cyberattacks
Cyber-attacks using the VoIP protocol Session Initiation Protocol (SIP) have been growing this year accounting for over 51% of the security event activity analyzed in the last 12 months, according to a report from IBM’s Security Intelligence group this week.
“SIP is one of the most commonly used application layer protocols in VoIP technology… we found that there has been an upward trend in attacks targeting the SIP protocol, with the most notable uptick occurring in the second half of 2016,” IBM wrote. “In actual attacks on VoIP communications, we note various types of disruption. Spikes in July and September were mostly the result of specially crafted SIP messages that were terminated incorrectly. Persistent, invalid messages are known to cause vulnerable servers and equipment to fail. The spike in October 2016 was largely influenced by SIP messages with invalid characters in the SIP “To” field. These could be reflective of suspicious activity, necessitating further investigation.”