Monday, November 19, 2007

VoIP Security Vulnerabilities to rise in 2008: McAfee

In McAfee's predictions for 2008, McAfee Avert Labs Top 10 Threat Predictions for 2008
has valuable information regarding over all security. Two of them relate to our industry and I have listed them here. We have written about security many a times, like things discovered at Blackhat 2007 and have published information about security webinars. Keeping up with the tradition here are the information provided by McAfee, something to call yourselves about.
9. VoIP Attacks Speak Up
VoIP attacks should increase by 50 percent in 2008. More than twice the number of VoIP-related vulnerabilities were reported in 2007 versus the previous year—several high-profile “vishing” attacks, and a criminal phreaking (or fraud) conviction—so it’s clear that VoIP threats have arrived and there’s no sign of a slowdown. Although ABI Research estimates 1.2 billion VoIP users by 2012 (with $150 billion annual service revenues), the technology is still new to many and implementing defense strategies is lagging.
4.Instant Malware: A Different Kind of IM For several years, researchers have warned of the risk of a self-executing instant-messaging (IM) worm. This threat could spawn millions of users and circle the globe in a matter of seconds. Although IM malware has existed for years, we have yet to see such a self-executing threat. While it’s anyone’s guess exactly when this threat will emerge, the stars may be starting to align. The National Vulnerability Database reports more than twice the number of AIM, YIM, and MSN Messenger vulnerabilities for 2007 over the prior year. More important, there were 10 high-severity risks in 2007, compared with zero in 2006. Additionally, the top IM virus families of 2005 and 2006 were replaced with new active threats, signifying an “out with the old and in with the new” milestone. With nearly a quarter-billion users, Skype suffered its first batch of worms in 2007. Many more are expected to follow.



Blog Widget by LinkWithin