 |
|
| CURRENT SECTION :: TechZone | UK's most visited IT Contractor Site - 250k unique visitors March 2008 |
|
 |
A series of nationwide events has alerted IT directors about growing threats to voice over internet systems, as hackers turn their attention to exploit next–generation communication. Siemens have been telling hundreds of telecoms and IT specialists the ways criminals steal packets of voice data from converged and data networks, so they can eavesdrop on corporate calls. These VoIP attacks are often enabled by a free download known as Vomit, designed to convert IP phone conversations into a wave file that can be played with ordinary sound players. Vomit differentiates itself from another attack – ‘the sniffer’, where hackers use a laptop to tamper with the protocol and ‘sniff out’ data, later sold to criminal entities. Vulnerabilities to VoIP also include spam over internet technology – clogging up voice accounts, and denial of service attacks, capable of crashing voice servers from a bombardment of data. Telecoms giant, AT&T Wireless, said users should install a multi layered VoIP protection system, especially after the discovery of potentially the most worrying flaw in the technology. They said hackers are now equipped to inject words into VoIP stream without the user noticing any foul play or manipulation. Kevin Kealey, security scientist for AT&T, said third parties could inject “swear words into conversations and the speaker can’t even hear it.” Speaking at VOP 2004 (US), he described the really “scary thing” as a test which proved messages for the FBI could be fabricated, without hi-tech voice analysis detecting any change. In the UK, Siemens said the wider functionality of IP telephony puts systems at a greater risk from fraudsters. As many VoIP systems are Windows-based, they are also vulnerable to the same threats common to data networks. “Voice must be protected like any other application,” advises Craig Pollard, head of Siemens’ security division, Insight Consulting. “Along with IT directors and telecoms managers, a number of financial directors came to our road shows, which may not be surprising considering the damaging potential of VoIP threats if a network is not properly protected." The successful turnout at the Siemens’ road shows is also proof of the rapid uptake of VoIP technology, as increasing numbers of professional and home users opt for internet calling. According to Analysys research, over 50 million broadband users in the UK could be using private VoIP by 2008. Separate evidence from Gartner IT predicts 90 per cent of all new corporate phone systems will be IP-enabled by 2008. With such high levels of uptake, threats outlined by Siemens are expected to become more prevalent as users expand their portfolio of VoIP products. To meet the challenge, Cisco Systems has released a platform that delivers encryption support for IP phones and other VoIP devices, including gateways and voicemail. Last month, Gartner commended the release as a viable solution to protect against eavesdropping hackers and connection spoofing. Juniper and Verisign are meanwhile developing their own firewall and virus software, for users who want their conversations and accounts kept from amends and viruses. Gartner acknowledge while technological advancements for VoIP security are most welcome, the developments from Cisco are simply not enough to drive business to adopt safer internet telephony products. Dec 23, 2004 Email this article Printer friendly page Previous Page
|
|
 |
||||||||||||||||||||||||
| All content © Contractor UK Limited | [Register for News Letter] | [Privacy Statement] | [Terms of Use] | [Top of Page] |