What's the 411 on VoIP?
A VoIP network is a system that uses the internet to transmit voice calls and related communications, rather than traditional phone lines. VoIP stands for Voice over Internet Protocol, which means voice data is sent and received using Internet protocols.
A VoIP (Voice over Internet Protocol) network is a digital phone system that converts your voice into data and sends it across the internet rather than the old-school phone system (the PSTN, or Public Switched Telephone Network). With VoIP, your calls, messages, and sometimes even video streams all travel as data packets over your organization’s network or the public internet.
Think of it as the difference between sending a handwritten letter and firing off a quick text. VoIP is the “text”—fast, cloud-based, and endlessly flexible for business.
Voice digitization – Your voice is picked up by a microphone and turned into digital packets (small chunks of data).
Data transmission – These packets travel through the internet, bouncing between routers and switches just like regular web traffic.
Receiving end – The data is reassembled and turned back into audio for the person on the other end.
Connection setup – Calls are set up and managed using special protocols like SIP (Session Initiation Protocol).
If you want to nerd out on the technicals, VoIP relies on standards like SIP, RTP (Real-time Transport Protocol), and many others to ensure your call goes through securely and promptly.
VoIP networks are not just “phones on the internet.” They’re a critical piece of your organization’s broader network, with unique risks and opportunities.
Eavesdropping – Attackers can intercept unencrypted VoIP calls.
Phishing & Vishing – Bad threat actors use VoIP systems to trick users into revealing sensitive info.
Denial-of-Service (DoS) Attacks – Flooding a VoIP system can take down business communications.
Caller ID Spoofing – Attackers can fake the number they’re calling from.
Unpatched Devices – VoIP phones, softphones, and PBXs need regular security updates.
Integrated systems – VoIP networks often connect with email, messaging, and CRM tools, increasing the attack surface area.
Regulatory impact – Conversations over VoIP may carry sensitive data (think HIPAA for healthcare), making security non-negotiable.
Incident response – A compromised VoIP network can impact not only phones but every connected endpoint.
In 2023, the 3CX VoIP Desktop Application was compromised, delivering malware through what appeared to be legitimate software updates. Although attribution remained unclear, the vigilant Huntress team detected suspicious activity and quickly alerted the community.
Flexibility – Make calls from anywhere with an internet connection.
Scalability – Easily add users or locations by changing software settings.
Cost Efficiency – Skip pricey long-distance charges and hardware installs.
Advanced Features – Auto attendants, call recording, unified communications.
Internet Dependent – When your network goes down, so do your phones.
Additional Attack Surface – Cyber threats can now target your phones.
Quality of Service (QoS) – Poor network configuration can affect call quality.
Complex Incident Response – VoIP breaches can move fast and impact multiple systems.
VoIP should be included in your risk assessments, vulnerability management, and overall security monitoring. Here are 3 key strategies:
Use strong encryption (TLS, SRTP) for both signaling and voice data.
Isolate and segment VoIP devices from main business network traffic.
Patch and monitor all VoIP endpoints and keep device firmware up to date.
Ransomware in VoIP – Attackers encrypt call servers, locking businesses out of basic communications until ransom is paid.
Phishing Campaigns – Vishing attacks against HR staff harvest credentials for broader network attacks.
VoIP Eavesdropping – Unencrypted calls leak sensitive M&A or patient data.
Session Initiation Protocol (SIP) – The main protocol for starting, managing, and ending VoIP calls.
IP Phone / Softphone – Hardware or software that enables VoIP calls.
QoS (Quality of Service) – Network features that prioritize voice traffic to maintain call quality.
PBX (Private Branch Exchange) – A call routing system used inside organizations, now often cloud-based for VoIP.
Vishing – “Voice phishing,” a social engineering attack using VoIP calls.
VoIP systems are powerful tools for businesses, but come with security risks that shouldn't be ignored. From monitoring and logging traffic to including VoIP in incident response plans, proactive measures are key to protecting operations. Stay vigilant for signs of compromise to safeguard your communications infrastructure.
VoIP networks are an essential, evolving part of modern IT environments.
Security controls must cover endpoints, signaling, and the data stream.
VoIP systems are a growing vector for phishing, malware, and other cyberattacks.
Regularly update devices, segment VoIP traffic, and keep an eye on your logs.
Need actionable, hands-on VoIP security tips? See our VoIP security checklists and empower your team to get proactive.
Explore more cybersecurity basics at Huntress Cybersecurity 101.
