When you are using VOIP to speak to clients and co-workers, do you ever worry that hackers could be using those calls to steal critical data, including usernames and passwords?
Incredible as it might seem, recent research shows that it is now possible for hackers to break into your VOIP calls and monitor the sounds your keyboard makes as you type. This is known as “acoustic eavesdropping”. From these sounds, hackers can work out with a worrying degree of accuracy what you have been typing.
This potentially gives hackers access to a whole range of critical business data and could compromise both your company and your clients. Understanding the threat and what action you can take to protect yourself is essential in order to stay safe when using VOIP.
How acoustic eavesdropping works
This type of hacking requires the attacker to be able to break into your VOIP calls, so make sure you watch out for signs that your VOIP has been hacked. Once they have access, hackers can simply record the sounds coming through your microphone and isolate the noise from your typing.
The researchers looking at this phenomenon were able to work out what people were typing with 41.89% accuracy without knowing anything about the targets type of keyboard or typing habits. When they knew the keyboard make and the target’s typing style, they were able to boost that accuracy to a frightening 91.7%.
The researchers carried out their tests using Skype and some of the most common laptop models and are planning to expand to other VOIP providers and device types in their future work.
How worried should you be?
Ultimately acoustic eavesdropping is entirely reliant on hackers being able to break into your VOIP calls. This means that how safe you are depends on how safe your VOIP software is. Skype generates a unique 256-bit AES encryption key for each new call, which in theory makes calls very hard to break into. However, this encryption is only in place for VOIP-VOIP calls. If you are using your VOIP software to call a mobile or landline, you could be leaving yourself vulnerable.
It’s also worth remembering that acoustic eavesdropping is much less effective if hackers do not have information about your typing style and keyboard. It is therefore a good idea to take precautions, such as covering your webcam when it’s not in use, as this can help limit the amount of information hackers are able to gather about you.
Staying safe when using VOIP
Being able to use VOIP safely requires a combination of good IT security and sticking to online best practices to limit opportunities for hackers. Make sure you use reputable VOIP software, such as Skype, and get good antivirus software that you keep regularly updated.
Be wary of typing sensitive information when talking to someone on a mobile or landline, or to an unknown caller. Take basic precautions too, such as keeping webcams angled away from your keyboard and, ideally, leaving them covered when not in use.
Stick to these kind of precautions and you should be able to use VOIP safely and securely without having to worry about giving away business critical data to unscrupulous operators.
As hackers become ever more sophisticated and resourceful in the way they target your data, VOIP security is an area you can’t afford to overlook. If you work in the legal sector, City Business Solutions can offer specialist IT security to ensure your company and clients are protected at all time.
To find out more about how we can help keep your business secure, please get in touch.