In 2020, hackers are ubiquitously on the prowl for personal information. During the COVID-19 crisis - with life abruptly shifting into virtual space across most of the world - security breaches soared by a stunning 600% in some areas.
But between Twitter and YouTube being hacked, and email accounts commandeered, there is one channel of communications that has received only limited security scrutiny: phone calls.
Whether on landlines, cell phones, or Voice over Internet Protocol (VoIP) platforms, voice and video calls are often used to discuss highly sensitive information. This includes everything from company security and financial dealings to private health issues and personal relationships, all of which could be used for nefarious purposes.
This article examines how secure each of the channels for making calls is, and how encryption can boost security in 2020.
However, they are a relatively safe channel of communication. Landlines are mostly secure by virtue of having a single line going from point to point that only exists for the duration of the call.
Wiretapping is of course possible, but relatively difficult for anyone but law enforcement officers, since the actual wiring needs to be accessed. This means that anyone set on stealing information from your calls will need some serious dedication and skills.
One way of further boosting landline call security is by using secure telephones, which encrypt voice signals. The downside? Both parties need one.
However, since landlines are both strictly limited to voice calls and expensive, their share of the total call volume is steadily declining. That in itself makes them less of a target for security breaches.
Since no wires are involved in making a cell call, anyone nearby can theoretically intercept the signal. When people started using cell phones in the 1990s, this is exactly what happened - requiring only cheap equipment from RadioShack.
Luckily, encryption has been put into place since then. The overall security of a cell phone call, though, depends on the strength of these encryption protocols.
The older 2G standard’s encryption, for example, was relatively easy to break. Even though these vulnerabilities were fixed when protocols were updated, newer versions of encryption don’t give total security either.
A particular one - exploiting the SS7 protocol underlying almost all mobile networks - only requires a hacker to know your phone number. In 2019, hackers used it to bypass a bank’s text-based two-factor authentication (2FA) to steal from bank accounts - by intercepting texts as they were sent to clients’ phones.
Unfortunately, this vulnerability is unlikely to be fixed on a larger scale. While text-based 2FA is much better than none, use a different method if you can. For sensitive communication, encrypted VoIP and messenger apps offer better security.
However, the security of VoIP depends entirely on call encryption and network security.
Unencrypted VoIP is as easy to intercept as any other internet traffic, for example via insecure WiFi networks. At the latest, this became apparent during the ferocious debate around Zoom hacking.
What’s more, the security stakes in business VoIP platforms are generally higher, since they also often integrate analytics platforms or customer relationship management (CRM) systems.
Fortunately, there are steps VoIP users can take to exponentially improve the security of their connection.
Choosing a provider with top-notch end-to-end encryption, using only secure WiFi networks - with Transport Layer Security (TLS) and Real-time Transport Protocol (SRTP) enabled - investing in a VPN, and enabling 2FA render VoIP calls on par with those made via landlines in terms of security.
In this digital age, everyone needs to be aware of the threat of having personal or business information stolen. Defend yourself by choosing the right channels, and taking steps to make them as secure as possible - so that your sensitive conversations stay safe from eavesdroppers.
But between Twitter and YouTube being hacked, and email accounts commandeered, there is one channel of communications that has received only limited security scrutiny: phone calls.
Whether on landlines, cell phones, or Voice over Internet Protocol (VoIP) platforms, voice and video calls are often used to discuss highly sensitive information. This includes everything from company security and financial dealings to private health issues and personal relationships, all of which could be used for nefarious purposes.
This article examines how secure each of the channels for making calls is, and how encryption can boost security in 2020.
Landlines
In the age of high mobility and life online, landlines have largely gone out of fashion.However, they are a relatively safe channel of communication. Landlines are mostly secure by virtue of having a single line going from point to point that only exists for the duration of the call.
Wiretapping is of course possible, but relatively difficult for anyone but law enforcement officers, since the actual wiring needs to be accessed. This means that anyone set on stealing information from your calls will need some serious dedication and skills.
One way of further boosting landline call security is by using secure telephones, which encrypt voice signals. The downside? Both parties need one.
However, since landlines are both strictly limited to voice calls and expensive, their share of the total call volume is steadily declining. That in itself makes them less of a target for security breaches.
Cell Phones
With the omnipresence of smartphones, calls over the cell phone network currently take up the largest share of call volumes worldwide. Cell phone calls are comparatively cheap, convenient - and reasonably secure.Since no wires are involved in making a cell call, anyone nearby can theoretically intercept the signal. When people started using cell phones in the 1990s, this is exactly what happened - requiring only cheap equipment from RadioShack.
Luckily, encryption has been put into place since then. The overall security of a cell phone call, though, depends on the strength of these encryption protocols.
The older 2G standard’s encryption, for example, was relatively easy to break. Even though these vulnerabilities were fixed when protocols were updated, newer versions of encryption don’t give total security either.
A particular one - exploiting the SS7 protocol underlying almost all mobile networks - only requires a hacker to know your phone number. In 2019, hackers used it to bypass a bank’s text-based two-factor authentication (2FA) to steal from bank accounts - by intercepting texts as they were sent to clients’ phones.
Unfortunately, this vulnerability is unlikely to be fixed on a larger scale. While text-based 2FA is much better than none, use a different method if you can. For sensitive communication, encrypted VoIP and messenger apps offer better security.
VoIP
Finally, VoIP is the modern-day gold standard of call communication - both via voice and video. Especially during the pandemic, systems such as Zoom, Skype, and business VoIP providers kept the economy and private life going.However, the security of VoIP depends entirely on call encryption and network security.
Unencrypted VoIP is as easy to intercept as any other internet traffic, for example via insecure WiFi networks. At the latest, this became apparent during the ferocious debate around Zoom hacking.
What’s more, the security stakes in business VoIP platforms are generally higher, since they also often integrate analytics platforms or customer relationship management (CRM) systems.
Fortunately, there are steps VoIP users can take to exponentially improve the security of their connection.
Choosing a provider with top-notch end-to-end encryption, using only secure WiFi networks - with Transport Layer Security (TLS) and Real-time Transport Protocol (SRTP) enabled - investing in a VPN, and enabling 2FA render VoIP calls on par with those made via landlines in terms of security.
The Bottom Line
Different channels of communication offer different levels of protection for the information transmitted. Some, like landlines, are inherently more secure. Others, like VoIP, can offer maximum security only if providers and users adhere to certain standards.In this digital age, everyone needs to be aware of the threat of having personal or business information stolen. Defend yourself by choosing the right channels, and taking steps to make them as secure as possible - so that your sensitive conversations stay safe from eavesdroppers.
