|
Major VoIP Hack Exposed |
|
|
|
Written by Adam Gosling
|
|
Thursday, 03 November 2005 |
A US-based newsletter, Broadband Business Forecast, has revealed what it claims is the first major security attack for enterprise VoIP systems.
The newsletter, a subscription-based publication distributed by Access Intelligence claims hackers have figured out how to manipulate the IP stream of VoIP phone systems to steal long-distance services.
Author of the story, Stuart Zipper says the fact that VoIP is a standard IP stream leaves the systems open to attack and that he knew it was just a matter of time before a major hack was exposed.
Zipper reportedly spoke to a range of industry players and security experts to work out how hackers can break into enterprise VoIP networks.
Though the newsletter story did not publish details of the hack, experts believe hackers have discovered how to manipulate cost codes to fool billing systems into believing calls were incomplete and should therefore not be charged.
In most billing systems these “zero” coded calls are not reported making the abuse almost invisible.
Cisco's call manager and the free Asterisk open-source softswitch were believed to be at risk. Two employees at Asterisk developer Digium told Zipper the softswitch can be reconfigured to allow a signal to be sent via a VoIP gateway so that "certain switches and billing systems treat the call as if it had not been successful."
The story appeared in the most recent edition of Access Intelligence’s Broadband Business Forecast newsletter.
Related news items Newer news items
Older news items
|
|
|
|
