There are a number of way, theoretically, that a VoIP communications system could pose a security risk to an enterprise. Let’s face it, while the network administrators have been in the trenches fighting unauthorized access, malware infections, data compromise, and more on a daily basis for the last 10 years, the voice guys have been sitting on a pretty stable and secure platform. While there are huge benefits for an enterprise to migrate from traditional voice to VoIP, those benefits come with a convergence onto that data network that is constantly under attack. That means that the benefits and efficiency of VoIP come with an increase in the number of security threats as well.
That said, attackers are still working on refining how to compromise VoIP for gain. Many of the VoIP weaknesss are proprietary, meaning that they vary from vendor to vendor and make it more difficult for attackers to determine targets. However, there are three VoIP threats that are consistent across pretty much all VoIP implementations and two of the three are actually just new twists on old attacks that were used against traditional voice systems as well.
The three most common VoIP threats are voice spam (sometimes referred to as SPIT (Spam over Internet Telephony), toll fraud (or theft of service), and denial-of-service attacks. For more details about these threats and what you can do to protect your VoIP network against them, check out The Biggest VoIP Securiy Threats – and How to Stop Them.