Dan York has written a lengthy post on how SANS (SysAdmin, Audit, Network, Security) Insitute has identified VoIP among their top 20 Internet Security Threats for 2006. They’ve identified six major trends in Internet security attacks, and VoIP is one of them, primarily via vulnerabilities in systems like Asterisk and Cisco Call Manager.Â
It’s a first, apparently.Â
Alec Saunders is the Vice President of Developer Relations for BlackBerry make Research in Motion. This is his personal blog, with his personal viewpoints. Prior to this Alec was the CEO and co-founder of Calliflower — the easiest way to hold a meeting, online, on a conference call, or on the go. A double-decade veteran of product management and marketing, he spent nine years at Microsoft where he helped launch Windows 95, the first two versions of Internet Explorer, the Universal Plug and Play initiative, the push into home markets, opt-in email marketing and what might well go down in history as the very first direct email list ever.
{ 2 comments… read them below or add one }
Alec,
Thanks for the mention. The "first" is that the SANS Institute has been publishing this "Top 20 Internet Security Attack Targets" list for several years, but this is the first time that VoIP has been on the list. In previous years, it was more about the underlying network, the operating systems, etc. But now it is their opinion that VoIP is a significant enough presence on the Internet that it *will* be attacked… and therefore it is worthwhile to call attention to that fact so that security professionals can ensure they are protecting it.
Regards,
Dan
P.S. The list was previously called the "Top 20 Critical Internet Security Vulnerabilities", but I guess that name didn't sound as aggressive as "Attack Targets".
P.P.S. Love your blog, BTW!
Thanks Dan