Article: VoIP may become a target for hackers?
QUOTE: In Hacking Exposed VoIP, which hit bookshelves last month, authors David Endler and Mark Collier argue that voice-over-IP technology “is about to hit critical mass” and will become a favorite security hole for hackers to slip through to disrupt IT operations. Endler and Collier hope their book can show not just how to crack a VoIP network — which it will — but also how to lock one down. According to Endler, who is director of security at 3Com Corp.’s TippingPoint division in Austin, hackers have begun to use VoIP in phishing exploits that emulate the interactive voice response systems of legitimate companies. “The rate of vulnerabilities will increase,” says Collier, chief technology officer at SecureLogix Corp. in San Antonio. Distributed denial-of-service attacks are likely and could be devastating to VoIP systems, Collier says, noting that even a modest DDoS attack could make it all but impossible to make VoIP calls because of quality-of-service issues. Then there’s the problem of privacy. “It’s extremely easy to listen in on a call,” Endler says. It isn’t that much harder to inject noise or even spam into VoIP communications.