[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Monday, 19 September 2005, 09:30 GMT 10:30 UK
Hackers target net call systems
Old-fashioned phone, Eyewire
Net phone systems could prove irresistible to hackers
Malicious hackers are turning their attention to the technology behind net phone calls, says a report.

The biannual Symantec Threat Report identified Voice over IP (Voip) systems as a technology starting to interest hi-tech criminals.

The report predicted that within 18 months, Voip will start to be used as a "significant" attack vector.

As well as prompting new attacks, Voip could also resurrect some old hacking techniques, warned the report.

Call charges

Voip has been in the news a lot in 2005 as more and more people realise how much money they can save by making some of their calls via the net instead of through old-fashioned phone lines.

But routing phone calls via the net makes Voip systems vulnerable to a whole series of security problems, notes the Symantec report.

The growing use of Voip could encourage the emergence of:

  • audio spam that clogs voicemail boxes with spoken adverts
  • voice phishing that tries to con people into handing over confidential details
  • caller-ID spoofing which allows conmen to make it look like they are calling from a legitimate number such as a victim's bank
  • call hi-jacking that re-directs calls to conmen and criminals

Ollie Whitehouse, technical manager at Symantec's research labs, said it was important not to overplay the threat from the subversion of Voip technology.

"While there are currently very few reported attacks directed at Voip systems," he said, "Symantec believes it's only a matter of time before attackers target it more intensely."

The report also said that Voip could fuel a renaissance of an old hacking technique known as war-dialling.

In its original form this involved making a huge number of phone calls to find out which ones respond with a data tone.

THREAT STATISTICS
48% increase in Windows viruses in six months
74% of the top 50 malicious code samples steals confidential information
80% of the top ten adware programs install themselves via browsers
50% of top ten adware programs hijack browsers
61% of all e-mail is spam
51% of all spam originates in the US
Some hacker groups could trawl through Voip numbers to find what is sitting at the other end of them or to root out poorly protected servers that can then be exploited.

The report also mentions other computer security threats that continue to be a problem.

Symantec researchers have noticed the growing use by criminal hackers and hi-tech crime groups of stripped down worms, viruses and trojans to compromise machines.

Once installed, the programs contact a server and download new parts so they can cause more damage to the computer hosting them or other machines on that network.

So-called bot herds - networks of compromised PCs under the control of a malicious hacker - continue to be used as launch pads for other types of attack.

Increasingly common, Symantec researchers noted, was their use in carrying out denial-of-service (DoS) attacks which bombard target machines with so much data that they cannot cope.

The report noted that, on average, 927 DoS attacks were being carried out every day.




SEE ALSO:
Portal bid drives eBay Skype deal
12 Sep 05 |  Technology
Search engines take on talk
28 Aug 05 |  Click Online
Microsoft plans telephone service
31 Aug 05 |  Business
Q&A: Internet Protocol TV
09 Mar 05 |  Technology
All about VoIP
07 Sep 05 |  Working Lunch
Mobiles get anti-virus protection
02 Sep 05 |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific