Saturday, May 14, 2011

VoIP Phone Eavesdropping Alert

Contact centers and businesses using a popular make of internet phone were at risk of having their communications intercepted and confidential information leaked, a hacking group demonstrated.

Security consultant Chris Gatford showed SC Magazine how internet-protocol phone systems from market leader Cisco were vulnerable out of the box to attacks that were widely known. He said customers of his had lost $20,000 a day through such exploits.

A Cisco spokesman said the networking vendor was serious about security and advised users to apply the relevant recommendations in the manual to secure their systems. 
( Products / Security)

Gatford said VoIP phone systems could turn on their users, hacked to become networked listening devices or 'bugs', wiretapped remotely or silenced, blacking out communications. Contact centers that often use internet-protocol phones because they were cheap to run, were especially at risk, he said.

“It is the closest attack in a real world environment that mimics so many of the scenes Hollywood likes to show us” Gatford said.

You can imagine if you’re an employee who wants to listen into the boss during a meeting, that the phone in the conference room will be a target.” (more)