Friday, August 01, 2008

VoiP Systems As Easy As 1.2.3 To Hack ?

"Back in February, when little-known VoIPshield Systems sent a report to Cisco (NSDQ:CSCO), Avaya (NYSE:AV) and Nortel (NYSE:NT) detailing vulnerabilities in their VoIP technologies, the three largest IP-PBX vendors on the market shrugged off the report and never responded. The vendors began cooperating and acknowledging on their Websites of the risks to their VoIP systems, only after VoIPshield continued reporting the vulnerabilities publicly. Nortel attributed a vulnerability to VoIPshield on April 10, for example"

Above is a part of what an article on ChannelWeb of CRN. It was a very interesting aricle and I suggest that you visit the site and read it. But what I found to be more interesting is the comment left by VoIPshield's CEO, Rick Dalmazzi.

"but because most of the companies we talk to have Cisco VoIP installed. - Cisco has been extremely responsive to us from the beginning, and has reacted quickly to make patches available to their customers. ---------------doing a Google search and finding an exposed VoIP system has nothing to do with the vendor. It was shown to demonstrate how cyber criminals ply their trade and how some companies, through carelessness or ignorance, make it easy for them."

So next time, take analysts ideas with a grain of salt. But I did see a Cisco Call Manager System open to the web!

Analysis: Hacking VoIP, As Easy As 1-2-3 by ChannelWeb, and don't forget to read the comment mentioned above.

VoIPshield Systems


Blog Widget by LinkWithin