New Defenses Against the Most Advanced Hacking Threats: Q&A with Author Patrick Park Part IV

written by: • edited by: Bill Bunter • updated: 5/5/2010

SPIT is a new threat facing small business, and author Patrick Park looks at what it means as we continue our series on new cyber threats.

    New Attacks: SPIT

    Bright Hub: A new term we're seeing is SPIT. This is essentially spam on VOIP. Do you think this is a real concern?

    Patrick Park: Yes, it's a real concern. The main reason SPIT is becoming popular is that it is cost-effective for spammers. As you know, legacy PSTN-call spam already exists in the form of telemarketer calls. Although these calls are annoying, they do not arrive in the same kind of volume as e-mail spam. The difference is cost; it costs more for the spammer to make a phone call than it does to send e-mail. This cost manifests itself in terms of the cost for systems that can perform telemarketer calls, and in cost per call. However, the cost drops dramatically when switching to SPIT, for many reasons: low hardware cost, low line cost, ease of writing a spam application, no boundary for international calls, and so on. Additionally, in some countries, such telemarketing calls over the PSTN are regulated. In some cases, spammers utilize computational and bandwidth resources provided by others, by infecting their machines with viruses that turn them into "zombies" that can be used to generate call spam.

    Another reason SPIT is getting popular is its effectiveness, compared to e-mail spam. For e-mail spam, you may already realize that there is a big difference between turning on and off a spam filter for your e-mail account. In fact, most spam filters for e-mail today work very well (they filter more than 90 percent of spam) because of the nature of e-mail: store and forward. All e-mails can be stored and examined in one place before forwarding to users. Even though users may still receive a small percentage of e-mail spam, they usually look at profiles (for example, sender name and subject) and delete most of them without seeing the contents. However, the method of filtering e-mails does not work for SPIT because voice is real-time media. Only after listening to some information initially can users recognize whether it is spam or not. So, spammers try to put the main information in the initial announcement so that users may listen to it before hanging up the phone.

    There is a way to block those call attempts based on a blacklist (spammers' IP address or caller ID), but it is useless if spammers spoof the source information.