Keeping Hackers Off VoIP
Any new technology has bugs in its system to work out, and phone calls that run over the Internet are no exception.
VoIP, or voice-over-Internet protocol, calls can get "spoofed," SPIT" (spam-over-Internet-telephony), "sniffed" and even stalked by "computer zombies" that hackers control remotely to launch all kinds of attacks. However exotic the language, the logic is clear: These are serious security issues.
The problem is even the experts don't agree on how to address the challenges.
Take encryption, for instance. The average VoIP subscriber, lured by a price tag that's 80% and 90% less than a land line, is comforted to hear that his VoIP provider "encrypts," or protects, phone calls.But while some fully encrypt calls, others don't, says Vincent Weafer, senior director of security response at Symantec (SYMC), the company that created the popular Norton antivirus software. "Everyone I've looked at encrypts at least the initial user-authentication portion of the call, which is the most sensitive data because it contains your user ID and password." Encryption promises often aren't fully reliable, says Doug Graham, a consultant for BusinessEdge Solutions in East Brunswick, N.J., whose clients include AT&T (T), Verizon Communications (VZ) and Time Warner's (TWX) cable unit. "Most companies say encryption helps, but once the conversation starts, that conversation is generally not encrypted or protected." Only some companies own the wires end to end, which is why they can't guarantee content remains private," says Graham. Vonage (VG) spokeswoman Brooke Schultz says encrypting private conversations isn't necessary. "It would be very hard to target into one conversation -- the hacker would have to have access to a network or to a home user's machine." But that's exactly what they do, say Weafer and Graham. Special software can eavesdrop, intercept and interrupt your calls, says Weafer. If your leave your computer unprotected and a hacker steals your user ID and password, he can start to "impersonate you and make calls in your name." VoIP attacks range from the merely mischievous (calls that "spoof," or pretend, to be you) to the malicious (calls that redirect financial transactions to a third party).
Select the service that is right for you!COMPARE ALL SERVICES
- $2.5+ million portfolio
- Large-cap and dividend focus
- Intraday trade alerts from Cramer
- Weekly roundups
Access the tool that DOMINATES the Russell 2000 and the S&P 500.
- Buy, hold, or sell recommendations for over 4,300 stocks
- Unlimited research reports on your favorite stocks
- A custom stock screener
- Upgrade/downgrade alerts
- Diversified model portfolio of dividend stocks
- Alerts when market news affect the portfolio
- Bi-weekly updates with exact steps to take - BUY, HOLD, SELL
- Real Money + Doug Kass Plus 15 more Wall Street Pros
- Intraday commentary & news
- Ultra-actionable trading ideas
- 100+ monthly options trading ideas
- Actionable options commentary & news
- Real-time trading community
- Options TV