TMCNet:  Security Researcher Demonstrates Enterprise VoIP Phone Hack at Recent Amphion Forum

[December 12, 2012]

SAN FRANCISCO --(Business Wire)--

During the recent Amphion Forum, a conference where device and mobile security experts from different disciplines gather, Ang Cui, a fifth-year grad student from the Columbia University Intrusion Detection Systems Lab, demonstrated how connected devices such as networked printers and voice-over-IP (VoIP) phones can be easily hijacked to give intruders virtually unlimited remote access to extremely sensitive information and allow them to eavesdrop on private conversations. The Amphion Forum is hosted by Mocana, a leader in device and mobile security.

Using a common Cisco-branded VoIP phone, Cui inserted and then removed a small external circuit board from the phone's Ethernet port (something Cui asserted could be easily accomplished by a company visitor left unattended for a few seconds) and started using his own smartphone to capture every word spoken near the VoIP phone, even though it was still 'on-hook.' While he did not specify the precise vulnerability, Cui said it allowed him to patch the phone's software with arbitrary pieces of code, and that this allowed him to turn the Off-Hook Switch into what he called a "funtenna." According to Cui, once one phone is compromised, the entire network of phones is vulnerable. Cui later said he could also perform a similar exploit remotely, without the need to insert a circuit board at all.

The vulnerability Cui demonstrated was based on work he did over the last year on what he called 'Project Gunman v2', where a laser printer firmware update could be compromised to include additional, and potentially malicious, code. With this, it becomes possible to remotely compromise a printer located within the organization's firewall and eavesdrop on documents being printed or stored, without ever setting foot on the premises. The compromised printer could then be used to launch other attacks on the internal network. The demonstration at the Amphion Forum in San Francisco took such an attack even further.


Cui pointed out that current security solutions don't work with embedded systems like VoIP phones and printers, and that code signing isn't enough. "Signing files doesn't make the files secure," Cui said.

He also said that routers, printers and phones are general-purpose computers without host-based intrusion systems or antivirus protection built in, so they make attractive targets. Further, they often lack encryption for data in motion or at rest.

Cui's research was carried out as part of a DARPA CRASH (from the I2O office) and IARPA Stonesoup Program, and he recently briefed agencies of the U.S. federal government about the potential for a serious attack on all its Cisco Unified VoIP phones.

"The VoIP phone vulnerability demonstrated at the Amphion Forum was a stark reminder of the need to address the device security mess. The sad fact is that most devices connected to corporate networks, like printers and VoIP phones, are almost totally unsecured," said Kurt Stammberger, CISSP, vice president of market development at Mocana and chair of the Amphion Forum. "The Amphion Forum is a unique event where thought leaders from academia, business, government and technology can gather to discuss the threats and opportunities presented by the unprecedented proliferation of mobile and connected devices that are creating the Internet of Things."

The Amphion Forum was founded to provide a medium for stakeholders in the smart device economy to share solutions and forge a clear direction for the future of the Internet of Things. The most recent event was held in San Francisco on December 5 and attracted more than 350 participants and thought-leader presenters, making it the largest and most successful Amphion event since it was founded in 2011. Event organizers believe that by fostering a World Economic Forum-type environment, where big thinkers can share ideas for some of the most pressing issues facing the global device infrastructure, safer medical electronics, increased energy security and more secure industrial automation. For more information on the Amphion Forum, please visit www.amphionforum.com.

About Mocana

Launched in 2004 and recognized by the World Economic Forum as a 2012 Technology Pioneer, Mocana provides the only device-independent security platform that secures all aspects of mobile and smart connected devices, as well as the apps and services that run on them. Mocana's solutions dramatically increase confidence and compliance for the enterprise, OEMs, service providers and their customers. Millions of people use products sold by the more than 200 companies that rely on Mocana's solutions, including Cisco, Honeywell, Dell, GE and General Dynamics, as well as four of the top five Android handset makers. For more information, visit www.mocana.com.

