This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
McAfee: More VOIP Security Woes for 2008
I keep hearing that VOIP-specific attacks aren't your biggest worry: Mark Collier of SecureLogix and VOIPSA said that at VoiceCon San Francisco in August, and Dan York, of Voxeo and now VOIPSA, concurred at Interop New York in October.
Did something change?
I doubt it. For one thing, any list of Top 10 security threats is going to have to include VOIP, because there aren't all that many meta-categories of security threats. As the McAfee report notes, VOIP is still pretty new and not every company is up to speed on defenses, so right there VOIP security qualifies as a major threat area.
As for the 50 percent increase, McAfee notes that reported VOIP vulnerabilities "more than doubled this year over 2006 (actually, their bar chart shows vulnerabilities more than tripling, from 20 in 2006 to more than 60 in 2007). More vulnerabilities means more likelihood of attacks targeting VOIP infrastructure directly, but all the smart VOIP security people I know say that the bigger threats still involve some attack on the underlying IP network, like denial of service.
When VOIP endpoints become more widespread, then of course it's a whole new ballgame.