Security flaws emerge in VoIP

Security experts caused a stir this week when they revealed how easy it is to hack VoIP software.

During a presentation at the Black Hat USA IT security convention taking place in Las Vegas this week, the Viper Lab division of security firm Sipera demonstrated one of several VoIP security flaws.

The flaws allow a hacker to take control of a laptop running a standards-based VoIP softphone. The company also highlighted several threats affecting the SIP protocol often used for VoIP communications and flaws in dual mode wifi/cellular phones from vendors including RIM, HTC, Samsung, Dell and D-Link.

“The fact that a known vulnerability in VoIP can be used to create an exploit to steal data should serve as a wake up call to all chief security officers that VoIP security should be escalated as a must-have requirement when deploying unified communications,” said Eric Winsborrow, chief marketing officer at Sipera.

“Sipera Viper Lab has identified an exhaustive list of VoIP vulnerabilities that can be exploited to disrupt critical business communications, and in this case, steal confidential data through a security hole that data security vendors are fundamentally unable to address,” Winsborrow said. “The regulatory impact on this exploit, alone, should it happen in the wild, would be severe.”

To comment on this and other articles, please contact us at [email protected]

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.