Thousands of public-facing VoIP devices identifiable worldwide
Easily identifiable VoIP devices can attract unwanted attention from cybercriminals
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
In recent years businesses have done away with landlines and have begun using devices that support Voice over Internet Protocol (VoIP) instead but new research fromCyberNewshas revealed that thousands of public-facingVoIP devicescan be accessed from anywhere in the world.
To compile its new report, the news outlet’s research team analyzed hundreds of thousands of public-facing devices with VoIP and SIP (session initiation protocol) functionality while excluding honeypots in order to identify which manufacturers have the most identifiable public-facing devices.
CyberNewsfound approximately 38,335 public-facing VOIP/SIP devices worldwide with the US having the most devices at 9,715 followed by the UK with 3,780 and Canada with 1,868. Ideally, none of these devices should have been identifiable as phones online as this could lead to unwanted attention from cybercriminals.
For instance, cybercriminals could leverage these devices to perform denial of service attacks or in some cases, overtake the communication line and act as a man in the middle. They could also use their access to these VoIP devices to launch voice phishing orvishing attacksagainst organizations and their employees.
Public-facing VoIP devices
Of the 15 device manufacturersCyberNewsinvestigated, Aastra-Mitel had the most public-facing devices at 13,221. The Chinese companyYealinkcame in second with 7,361 easily identifiable devices followed by the US manufacturer Polycom, which is a subsidiary ofPlantronics, with just under six thousand devices.
The news outlet also took a deep dive into the MITRE database ofCVEs(Common Vulnerabilities and Exposures) to determine which VoIP device manufacturers have the most listed vulnerabilities. The reasoning behind this is because the fewer vulnerabilities that cybercriminals can exploit, the safer a public-facing device is. The research team found that of the 15 device manufacturers it looked at only Patton, Net2phone and Fanvil have not had any vulnerabilities for their devices listed in the MITRE CVE database.
When it came to the manufacturer with the most vulnerabilities,Ciscotook the top spot with 178 CVEs though only four of them are dated 2020 or 2021 which means that a majority of them have been patched. Latvian manufacturer Mikrotik came in second with 34 known CVEs and the company also had the highest number of recent CVEs. Japanese manufacturerPanasoniccame in third in terms of CVEs with 24 found though only two could be categorized as recent.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
To round out its research,CyberNewspinpointed the exact location of the public-facing VoIP devices it had discovered. London came in first with 1,690 public-facing devices followed by Toronto with almost 1,200 and New York City with 663.
ViaCyberNews
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
TP-Link Archer BE3600 Wi-Fi 7 Router review
Ulefone Armor Pad 3 Pro rugged tablet review
Your doctor may have an AI assistant taking notes during your next Zoom call
