VoIP security challenges in 2009 are mostly known vulnerabilities, but there are some new twists. The majority of these vulnerabilities were first discovered by carriers as they deployed VoIP in 2002 in search of cost savings in the delivery of services such as long distance. DoS/DDoS attacks come at various protocols levels e.g. IP layer, SIP layer, etc; and are used to consume bandwidth and resources. All elements in an enterprise VOIP network must be properly hardened and customers should demand vendor verification of the hardening prior to purchase.”]
Source: https://www.csoonline.com/article/2123695/voip-security–the-basics.html