DETROIT – For those readers who are already InfraGard members, you will be receiving (or have already received) an email ‘Save the Date’ for an exciting event coming up in April. The event is a very hush-hush one that you will be glad you put some time aside for. So please do as the email suggests, and open your calendar up for this upcoming InfraGard Members only exclusive event.

VoIP Security Update

On another note, I made a presentation on VoIP security at SecureWorld back in November of last year. VoIP security is a gnat on the tail of the security dog in terms of the attention it got in 2008 as well as the tools available to deal with it. The number of VoIP phone systems continues to grow, replacing traditional TDM phones at a rapidly escalating rate since they surpassed traditional phone systems in sales in 2005. These VoIP systems more often than not reside right on the same network wires as the data networks that we spend lots of money to protect.

What does this do? It provides a new easy access point for someone that wants to get to your data network by going through your voice network to get to it. But besides that new threat, all the old threats that you had with a TDM system where people would try to hijack your trunk lines to make free long distance calls also exist, they just become easier to execute from anywhere in the world.

In my report in November, I identified that these attacks in all their forms tend to parallel the data world in that specific vulnerabilities with each operating system are identified and exploited. At that time, the best information available was that most of the exploits that had been observed and documented in the wild were targeted at the largest three vendors of VoIP systems at that time – biggest market share usually equals biggest target. The best advise available? Keep your system current with patches and stay vigilant.

I also practice another strategy that works in the parallel data security world – security by obscurity, which is picking a good platform that isn’t mainstream. That practice has worked for us up until this week, when we got over 2,700 unauthorized attempts to connect and authenticate rogue SIP devices to our (not top 3 but very solid) VoIP system. Not that I am paranoid, but I am not publishing the system we use – it just makes a hackers job easier. This note serves as my gentle reminder to those of you out there that are enjoying the fruits of VoIP technology that the bad guys are not asleep at the wheel when it comes to developing new exploits – and you can’t afford to be either.

This column was written by Hans Erickson, CIO of the Detroit Regional Chamber and Information Officer for Michigan InfraGard. If you have column ideas for Erickson, you can email those to email [email protected]<

a>>