Hacking VOIP Phone Calls – Easy?
As long ago as 2007, it was demonstrated by Peter Cox, a UK based VOIP expert that with relatively simple to develop software, it was possible to hack a user or network and record phonecalls made over VOIP (reports The Inquirer).
He demonstrated a program called SIPtap, which basically detects VOIP calls on a PC or network and records them. There is also the claim from Cox that the software could work at an ISP (internet service provider) level as well, throwing out the incorrect notion that VOIP is secure.
Coupling the SIPtap tool with a Trojan would allow any government agent, industrial snoop or even journalist to record phone calls on the very network that is being hacked.
The suggestion that VOIP is secure is an incorrect one – sharing information about this is vital if users are to be fully aware of the potential lack of security in such a system.
While there is an effort to add some form of encryption to VOIP systems, the costs of implementing this could be just as great as making the switch to VOIP in the first place. Protection against this means assessing your current security setup, monitoring telephone use and attempting to hack your own system - see our guide to Ethical Hacking for more ideas about this.