Few users regularly encrypt their e-mail, gambling that, with the number of packets flying around the Internet, interception is unlikely, so why encrypt voice calls? "Yes, it's a needle in a haystack," Zar says. "But not all haystacks are the same."
The bad news is that hackers already know how to target specific organizations and networks, but there is good news, too. The first use of VoIP by midsized and large organizations is typically to connect branch offices with each other and the head office and consolidate traffic on a central IP private branch exchange (PBX). Since remote office traffic is typically carried over a virtual private network (VPN), Zar says, the voice signals are already protected from the outside world.
"In most cases like that, the business user doesn't have to worry for now," he says. "But it's a different story for consumers, and will become more of an issue for businesses as VoIP use becomes more pervasive."
Indeed, if you make a call on an IP phone from a hotel, or with a soft phone at a local hotspot, there could be a kid hacking in down the hall or at the next table. VPN technologies will only protect VoIP security if the call is actually made over a VPN.
VoIP is also vulnerable to what Zar calls bypassing refuse-consent. This category of problems ranges from crank and obscene calls to fraud and spam over IP telephony (SPIT). The potential for fraud is enhanced by the ability VoIP gives users to change their caller IDs. It's virtually impossible for a telephonic grifter to change his caller ID using the PSTN, but it's much easier on a VoIP call. With a caller ID identifying him as a member of a company's IT department or service provider, a con man could easily garner even the most security-conscious victim's trust.
SPIT also bypasses refuse-consent, but its effects are indirect. Nevertheless the scourge of e-mail spam and its ability to clog network arteries like its gelatinous meat byproduct namesake makes it a threat worth watching out for – if not now, then soon. "It's definitely something to be aware of," Machinowski says. "Most VoIP systems connect remoter site and are still relatively well protected by VPNs, but when companies move to true open-ended VoIP, it could become a real problem."
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
Maintaining existing network infrastructures often incurs huge technical debt before newer technologies are adopted over time.
Amid ongoing regional uncertainties, telecom infrastructure in the Middle East has expand to include terrestrial low-latency network infrastructure, which offers resilience and agility in navigating political complexities without relying solely on undersea networks.
