VoIP Hackers Shut Down Hospital Phone Lines

July 23, 2013 by Nathan Miloszewski

Security
Is your VoIP phone system secured against attacks?

LA Times writer Paresh Dave reported that a San Diego hospital was the victim of a distributed denial-of-service attack (DDoS) when an “extortionist who, probably using not much more than a laptop and cheap software, had single-handedly generated enough calls to tie up the lines.”

For two days phone lines appeared busy to the outside world.

Who Is Affected?

David writes that according to vague mentions in law enforcement documents telecom industry insiders, there have been a range of VoIP victims including:

  • Hospitals, nursing homes, and medical centers
  • A public safety agency and an emergency operations center
  • A manufacturer
  • Wall Street firms
  • Schools
  • Media
  • Insurance companies

There are more but “Many of the victims want to remain anonymous out of fear of being attacked again or opening themselves up to lawsuits from customers.” And the FBI is reporting that victims have paid up to $5,000 just to get the attackers to stop.

In the case of the San Diego hospital, the attack was stopped was using a “computer firewall filter.” There are devices available like Cisco security appliances that can reducing exposure to threats and unauthorized access.

Ongoing Problem

Two years ago the ClueCon VoIP conference featured a VoIP security discussion centered around the Lulz Security threats of the time, noting that,

Right or wrong, their hacking activities have proven beyond a shadow of a doubt two important points: Security is important, and good security is hard to find.

Couple that with the fact that there are hundreds of millions of VoIP endpoints installed around the world with more every day. IP PBX’s and SIP trunks are ubiquitous.

Skype has well over half a billion users. VoIP security matters, whether you are a developer, a provider, or even simply the end user.

Now as VoIP adoption rises, so too does the threat. One Australian business lost $120,000 because of VoIP hackers.

The FCC is working on a solution, reports David, but that may be a couple years away.

Until then, you should do as much as you can to protect your networks and be aware of the threat because as Frank Artes of NSS Labs was quoted as saying, “For all the money spent on Internet security, companies often overlook protecting their telephones.”

via LA Times

More from: Business VoIP Nathan Miloszewski

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Featured Posts

    VoIP Fulfillment by VoIP Supply: Same-Day Turnaround and High-Quality Output

    Take Action: The End of Copper POTS Lines is Near! (Replacement Options Included)

    *Comparison Chart* Introducing Fanvil’s V Series IP Phones

  • Popular Posts

    5 FREE SIP Softphones and affordable deskphone options

    What's my IP Camera's Default Password?

    FXS and FXO – You should be in the know…

    How To: Upload Firmware to a Polycom Unit

    Tech Tip: Converting a Cisco IP Phone from SCCP (Skinny) to SIP Firmware

    Setting up an Audiocodes MP-114/118 FXO with Asterisk and FreeSwitch

    Setting Up an AudioCodes MP1xx FXS With Asterisk

    3CX Versus Asterisk

    SIP for magicjack

    Bluetooth Headsets for Polycom VVX 500

    5 Reasons Why You Should Sell The Poly (Plantronics) Headsets – Webinar Recap


  • Read Our Feed

  • Latest

  • VoIP Post Categories

  • Archives