Botnets, cloud computing power may be fueling attacks against VoIP

VoIP and compliance regulations make strange and difficult bedfellows

A spike in attacks against IP PBXs that started last fall shows no signs of abating, spawning speculation that those responsible have tapped into botnets and cloud computing resources to carry out their illegal activities.

Regulation: VoIP and compliance regulations make strange and difficult bedfellows

According to separate security reports from Cisco and Sipera's Viper Lab research arm, the exploits are carried out using techniques that lend themselves to the interpretation that the attackers are tapping into broad resources that make their work more effective.

The criminals are using brute force attacks to crack passwords, indicating they may be bringing cheap, easily available cloud computing power to bear, says Adam Boone, Sipera's vice president of marketing and product management. The scale of attacks at any given moment indicates that botnets might be in play, but there is no hard evidence that either they or cloud resources are involved, he says.

The most common exploit against compromised PBXs is toll fraud - using someone else's phone system to make long-distance calls. The second is forcing the PBX to call premium numbers controlled by the attackers that charge by the minute. Businesses whose PBXs have been attacked are billed. "In both types of fraud, enterprises are frequently unable to dispute the charges because they are unable to provide evidence that the charges are in error," the Sipera Viper Labs report says.

Cisco also noted the prevalence of vishing - telephone-based phishing - where callers pretend to be from banks, the government or other institutions and seek to get victims to relinquish valuable personal data such as Social Security and credit card numbers.

Cisco's report, which is about IT security in general, says, "VoIP abuse has been on the upswing and appears poised for further growth." A graph categorizing different classes of attack puts VoIP among those with potential but near to the group Cisco calls "rising stars" that includes Web exploits, money laundering and data theft Trojans.

The increase in VoIP attacks was first noted just before Halloween last year when the peak percentage of attacks against VoIP routinely rose to a high of about 30 per cent. In previous research, Sipera found that attacks directed against VoIP topped out at about 10 per cent, Boone says. Since last fall the percentage of total attacks that are directed at VoIP has continued to peak at about 30 per cent.

He offers three possible reasons for the attention VoIP is drawing. First, by and large VoIP systems are unprotected from outside attacks, he says. Second, VoIP is becoming more popular and reaching a critical mass that draws attackers. "It's common, and it gets the attention of hackers," he says. And third, there's money in it to be had easily.

Sipera has set up honeypots that are exposed to the Internet that appear to be unprotected VoIP systems. Once attackers have successfully broken in, the honeypots monitor what they try to do. They also locate the source of the attacks by country. The top three attack-launching locations are China, Russia and the U.S., followed by South Korea, Vietnam, Turkey and India, Viper Labs says.

Read more about lans and routers in Network World's LANs & Routers section.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitycloud computinginternetunified communicationsNetworkingvoiptelecommunicationData Centerhardware systemsanti-malwareConfiguration / maintenance

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?