Recent Voicemail Hacking allegations at Murdoch News World exposes new Vulnerabilities in Communication Networks July 8, 2011
Posted by admin in : Uncategorized , trackbackRecent coverage on voicemail hacking at “The News of the World” has exposed new set of vulnerabilities and threat vectors that can plague telephony networks. Allegations continue to multiply over its journalists hacking into voicemails of thousands of people from child murder victims, war victims, members of the royal family, parliament and other important dignitaries. Sensitive conversations were either phone tapped or voice mails hacked into to gather dirt material that eventually made it into the tabloids. According to latest coverage on the topic, the magnitude of the scandal has resulted in a decision to close the “The News of The world” paper.
In this global information age, the power of early access to information by perpetrators through malicious means often is a pre-cursor to more sophisticated illegitimate activities such as insider trading activities, leakage of sensitive information, stealing of company trade secrets, industry espionage or press tabloid materials as in the above case.
The growing prominence of IP- based communication networks and applications are empowering the user with ubiquitous instant-on connectivity, communications and collaboration with any person from any device, any location and at any time. This powerful user experience was never possible before and is now achievable through all pervasive and standard based IP networks. As a result, the conventional definition of perimeter security defense no longer exists. Any weakest link in the end-2-end communication leg can now effectively become the prima facie point for perpetrators to conduct malicious activities.
The stakeholders must understand that securing IP based communication networks and applications present unique security challenges that are vastly different and much stringent when compared to securing data applications – requiring near- zero false-positives and negatives, possessing deep understanding of call control (and services) stacks, device tracking, user/ application analytics, firewall capabilities possessing deep understanding of voice/video and UC protocols. The pervasiveness of IP-based communication networks makes it just much easier now to carry the hacking activities – wiretapping into conversations, brute force crawling and identifications of legal usernames/ extensions, illegitimate call pattern tracking, interception/rerouting of call traffic to hacker locations, presence tracking, stealing confidential voice messages from specific individuals (or extensions) are just few examples of security threats that can plague VOIP/UC networks if proper security measures are not enforced.
RedShift Networks honey pot research conducted over several months has indicated several threat vectors open in the wild today ranging from Voice/UC Denial-of-Service (VDOS/UC-DOS) attacks, SPAM over Internet Telephony (SPIT) attacks, Eavesdropping, Spoofing, Number Harvesting, Protocol Fuzzing, Toll Fraud, SQL Injections, Media tampering and a myriad of UC Infrastructure and Application layer threats. All these new threat vectors go completely undetected using existing protective solutions. Gartner in their recent study strongly recommend the use of SIP-aware Firewalls to protect your communication networks. For more information about RedShift Networks, products and services, please visit www.redshiftnetworks.com.
Ref — http://news.yahoo.com/uk-soldiers-targeted-murdoch-phone-hacking-scandal-report-030337129.html
Comments
Sorry comments are closed for this entry