Botnets, cloud computing power may be fueling attacks against VoIP

VoIP and compliance regulations make strange and difficult bedfellows

A spike in attacks against IP PBXs that started last fall shows no signs of abating, spawning speculation that those responsible have tapped into botnets and cloud computing resources to carry out their illegal activities.

Regulation: VoIP and compliance regulations make strange and difficult bedfellows

According to separate security reports from Cisco and Sipera's Viper Lab research arm, the exploits are carried out using techniques that lend themselves to the interpretation that the attackers are tapping into broad resources that make their work more effective.

The criminals are using brute force attacks to crack passwords, indicating they may be bringing cheap, easily available cloud computing power to bear, says Adam Boone, Sipera's vice president of marketing and product management. The scale of attacks at any given moment indicates that botnets might be in play, but there is no hard evidence that either they or cloud resources are involved, he says.

The most common exploit against compromised PBXs is toll fraud - using someone else's phone system to make long-distance calls. The second is forcing the PBX to call premium numbers controlled by the attackers that charge by the minute. Businesses whose PBXs have been attacked are billed. "In both types of fraud, enterprises are frequently unable to dispute the charges because they are unable to provide evidence that the charges are in error," the Sipera Viper Labs report says.

Cisco also noted the prevalence of vishing - telephone-based phishing - where callers pretend to be from banks, the government or other institutions and seek to get victims to relinquish valuable personal data such as Social Security and credit card numbers.

Cisco's report, which is about IT security in general, says, "VoIP abuse has been on the upswing and appears poised for further growth." A graph categorizing different classes of attack puts VoIP among those with potential but near to the group Cisco calls "rising stars" that includes Web exploits, money laundering and data theft Trojans.

The increase in VoIP attacks was first noted just before Halloween last year when the peak percentage of attacks against VoIP routinely rose to a high of about 30 per cent. In previous research, Sipera found that attacks directed against VoIP topped out at about 10 per cent, Boone says. Since last fall the percentage of total attacks that are directed at VoIP has continued to peak at about 30 per cent.

He offers three possible reasons for the attention VoIP is drawing. First, by and large VoIP systems are unprotected from outside attacks, he says. Second, VoIP is becoming more popular and reaching a critical mass that draws attackers. "It's common, and it gets the attention of hackers," he says. And third, there's money in it to be had easily.

Sipera has set up honeypots that are exposed to the Internet that appear to be unprotected VoIP systems. Once attackers have successfully broken in, the honeypots monitor what they try to do. They also locate the source of the attacks by country. The top three attack-launching locations are China, Russia and the U.S., followed by South Korea, Vietnam, Turkey and India, Viper Labs says.

Read more about lans and routers in Network World's LANs & Routers section.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags unified communicationsConfiguration / maintenancetelecommunicationvoipNetworkingsecurityhardware systemsData Centerinternetcloud computinganti-malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?