Cisco IP phones prone to hackers

Contact centres and businesses using a popular make of internet phone were at risk of having their communications intercepted and confidential information leaked, a hacking group demonstrated.

Security consultant Chris Gatford showed SC Magazine how internet-protocol phone systems from market leader Cisco were vulnerable out of the box to attacks that were widely known. He said clients of his had lost $20,000 a day through such exploits.

Cisco spokesman said the networking vendor

A Cisco spokesman said the networking vendor was serious about security and advised users to apply the relevant recommendations in the manual to secure their systems.

Gatford said VoIP (Voice over Internet Protocol) phone systems could turn on their users, hacked to become networked listening devices or 'bugs', wiretapped remotely or silenced, blacking out communications. Contact centres that often use internet-protocol phones because they were cheap to run, were especially at risk, he said.

"You can imagine if you’re an employee who wants to listen into the boss while a meeting, that the phone in the conference room will be a target."

Gatford, director of the Sydney penetration tester HackLabs, demonstrated how phone conversations were illictly recorded, injected with sound or redirected including expensive and elusive offshore premium numbers.

Similarly, a distributed denial-of-service attack could take a phone fleet offline, said Gatford, who had seen them cripple networks at Australian companies.

He said businesses mostly only fixed their networks once they were hacked: "When [voice over internet protocol] security is considered, a crucial area to assess is risks".

Western Australian police reported attacks on VoIP phones this year cost three businesses $70,000, and in 2009 criminals rang up phone bills exceeding $120,000.

HackLabs will present a VoIP hacking workshop at AusCERT straightway week that combines theory and a hands-on attack lab on an IP phone network.