First and foremost, as enterprises deploy SIP Trunks and UC for the
mobile workspace, denial of service (DoS) and distributed DoS attacks
on VoIP networks will become an increasingly important issue.
HTTP or other third party data services running on VoIP end-points will
be exploited for eavesdropping and other attacks.
The hacking community, experienced with exploiting the vulnerabilities
in other Microsoft offerings, will turn its attention and tools towards
Microsoft OCS - taking advantage of its UC connections to public IMs,
email addresses and buddy lists to create botnets and launch attacks.
As well, enterprise federation for OCS, a major productivity and
business process enabler, will be a source of greater VoIP security
risk since it exposes once closed networks to the risks found in other
federations.
Hackers will set up more IP PBXs for vishing/phishing exploits. Vishing
bank accounts will accelerate, due to ease of exploit and the appeal of
"easy money."
VoIP attacks against service providers will escalate, using readily
available, anonymous $20 SIM cards. With UMA becoming more widely
deployed, service providers are, for the first time, allowing
subscribers to have direct access to mobile core networks over IP,
making it easier to spoof identities and use illegal accounts to launch
a variety of attacks.
1/16/2008
Top 5 VoIP Threat Predictions for 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment