Sangoma Technologies

Sangoma Technologies, operating under aliases including Asterisk FreePBX and FreePBX, develops and maintains open-source telephony software focused on Voice over Internet Protocol (VoIP) solutions. The organization’s core product, FreePBX, serves as a widely adopted phone system management platform enabling businesses to configure and control communications infrastructure. This software supports call routing, voicemail, conferencing, and integration with SIP trunking services, primarily targeting enterprises requiring scalable telephony systems. Headquartered in Canada, the company’s technology facilitates voice and data communications for organizations across multiple sectors globally. Its solutions are distributed as both on-premises deployments and cloud-based services, emphasizing flexibility for diverse operational environments.

The organization’s prominence in VoIP infrastructure is evidenced by its recurrent targeting in high-impact cybersecurity incidents. A 2018 campaign exploited vulnerabilities in its software to deploy web shells, enabling surveillance and call spoofing against hundreds of entities, though patches were released before public disclosure. Sangoma’s 2020 Conti ransomware incident further underscored its operational scale, with attackers exfiltrating 26GB of internal financial, legal, and employee data without compromising customer systems. These events reflect the company’s dual role as a developer of critical telecommunications software and a high-value target for advanced threat actors. Structural linkages between Sangoma and the FreePBX project position it as a central maintainer of open-source telephony tools, with incident responses demonstrating segmented protections for customer assets despite corporate network breaches.