The Register® — Biting the hand that feeds IT

2008 - the year VoIP gets hacked?

The drawbacks of IP everywhere

See what The Register's experts have to say on application security

With VoIP rapidly becoming a commodity feature in everything from TV set-top boxes to barcode scanners, Sipera's VIPER Lab predicts that 2008 will be the year it all goes pear-shaped - a prediction borne out by Cisco's first security fix of the year.

VIPER reckons that denial of service attacks and eavesdropping, using hacked computers, will start to become serious issues during 2008. Cisco's latest advisory warns their Unified Communications Manager has a buffer-overflow bug which would facilitate the former, and offers a downloadable fix. But as public IP networks become part of the telecommunications infrastructure, the potential for hackers to cause mayhem increases.

Microsoft Office Communications Server is, apparently, what the forward-looking hacker is currently reading up on. The potential of using unified communications for all sorts of fraud becomes easier when it's controlled from one place.

Fixed/Mobile convergence is also suggested as a security weakness, with telecos connecting their systems to IP networks but lacking the skills to maintain the security of such connections.

Of course, the solution to all these problems is to hire a company like Sipera (owners of the VIPER Lab) to help.

The growth of VoIP also provides criminals with easy access to disposable phone numbers, which they use, along with a sprinkling of social engineering, to entice people to hand over their credit card details.

That's a problem that even Sipera is unlikely to be able to help with. ®

Understand how application security is evolving

Don’t Miss

Win a Samsung C6625!

Reg Lucky Draw Windows Mobile handsets up for grabs

Palm_Pre_001_SMIs your cameraphone an oxymoron?

Pic Review iPhone 3G v iPhone 3GS v Palm Pre

Vulture logo with head phonesWindows 7, Bing and security: Mr Ballmer regrets

Steve hopes Microsoft money can buy your love

Sign up, sign up for The Register IT security newsletter

Narrowcasting for the email classes