VoIP Phones Now Targets of Hackers: Cisco Ranks First in the Crosshairs But is Far from Alone

By Peter Bernstein December 12, 2012

The hit Mel Brooks film of 1981, History of the World Part 1, contains the wonderful quote from Brooks playing King Louis XVI where he says, “ It's good to be the king!” In the movies, this is true most of the time.   However, being the top gun in anything has risks as well as rewards. It means everyone wants to figuratively and unfortunately literally, take a shot at you. Over the years, such has been the case with Cisco since it emerged as the leader in voice over IP (VoIP) enterprise IP telephony solutions.

In fact, go to Google and type in “hacking VoIP phone systems.” It is depressing on several fronts. The first is the number of entries. Second and third are how long this has been a problem, and the fact that no vendor seems immune. However, last but not least is that Cisco has a big target on it as can be seen from the number of items associated with its VoIP phones.

For instance, last year, the HackLabs cracking demonstration of a VoIP hacking workshop at the AusCERT security conference in Australia, featured a Cisco phone being compromised. The demo showed how virtually any VoIP phone remains vulnerable to popular hacking techniques which means that:

  • ·Call data can be downloaded
  • ·VoIP conversations can be redirected, illegally recorded or similarly manipulated

In fact, at the time Bjoern Rupp, GSMK CryptoPhone's CEO, noted that VoIP phone systems could become networked listening devices, wire tapped remotely or silenced. His point was that VoIP phones are purpose-built computers and therefore need to be protected, just like other computers and currently they come up lacking.

Just how much are they lacking, you ask? Very—something a recent demonstration at the Amphion Forum conference by fifth year grad student Ang Cui from the Columbia University Intrusion Detection Systems Lab showed . 

Without going into all the details, what Cui demonstrated using a Cisco phone, was that by removing a small external circuit board from the phone’s Ethernet port—something that could be done easily and quickly by a “visitor” to your office—by using a smartphone every word spoken over that VoIP phone could be captured even though the VoIP phone was “on-hook.” And, the story gets worse.

According to Cui, not only was the secret in being able to patch the phone’s software with arbitrary pieces of code enabling him to turn the Off-Hook Switch into what he called a “funtenna,” he also claimed he could also do this remotely and without the need to insert a circuit board at all. And, it probably does not need to be said, but once one phone is compromised the potential is there for the entire phone network to be so as well.

Cui’s research at Columbia was through the auspices of a DARPA CRASH and IARPA Stonesoup Program. His work caught the attention of several U.S. federal government agencies whom are big Cisco VoIP phone system users, whom he has briefed on the subject of the vulnerabilities he found. Needless to say, it should cause you to be asking your VoIP vendor, and as mentioned above this really is not about Cisco but is about VoIP systems vulnerabilities in general, about what if anything you need to do to protect your enterprise from those who wish to do your organization harm.

This is much more than being concerned about denial of service attacks and malware infecting your network or bringing down your phone system because it is a data device. As the two hacking demos have highlighted, this is about the ability compromise your voice communications in all sorts of nefarious ways. It is difficult to put a value on peace of mind, yet it is easy to see the havoc that can be wrought as witnessed in the ongoing British tabloid hacking scandal that has rocked the Murdoch media empire. 

Now would be a good time to make that call.




Edited by Jamie Epstein
SHARE THIS ARTICLE
Related Articles

How Do the Year's Threat Predictions Match Reality?

By: Special Guest    8/24/2016

Last year, Fortinet's FortiGuard Labs global threat research team made a series of predictions about cyber threats in 2016. We are now halfway through…

Read More

Automakers Invest in Wearable Tech Pilot Programs

By: Lindsey Patterson    8/24/2016

The advent of wearable technology has recently generated a number of creative products. Consumers check for email messages using "smart" watches and i…

Read More

AI's Major Role in EU's New Data Privacy Regulations

By: Special Guest    8/23/2016

Earlier this year, the European Union passed the General Data Protection Regulation - landmark legislation addressing data protection and privacy conc…

Read More

Broadband Delivered by Fiber Proves Better than Alternatives

By: Doug Mohney    8/23/2016

We're a couple years out on an unprecedented boom in broadband, with new wireless schemes, 5G, high-flying drones and constellations of satellites cov…

Read More

BYOD Could Mean Bring Your Own Disaster

By: Special Guest    8/22/2016

As adoption of wearables becomes more mainstream in the Middle East, it brings added complexity to BYOD in an enterprise. One of the more interesting …

Read More