VoIP can make firms vulnerable to hackers

WASHINGTON, April 18 (UPI) -- The growing use of Web telephony in the commercial sector has created a range of new vulnerabilities for corporate computer networks, say U.S. experts.

Last month Cisco Systems, one of the technology companies that provide Voice over Internet Protocol telephone services to large corporations, announced that some of its software packages were vulnerable to exploitation by hackers launching so-called Denial of Service attacks.

"Currently there are no workarounds for the bugs," reported British technology magazine SC, adding Cisco "is developing a permanent fix, which will be distributed when it becomes available."

"Various (VoIP) products ... from various vendors have been found to contain vulnerabilities that can either lead to a (system) crash or (give a hacker) complete control over the vulnerable server/device," the non-profit Internet security SANS Institute said in an advisory.

"VoIP networks have thousands of unique vulnerabilities that can be exploited to launch a variety of attacks," warns Sipera Systems Inc., which sells security solutions for VoIP systems. "These attacks can be from external sources such as hackers, malicious users and spammers or internal threats from disgruntled employees, infected (computers) or e-mail attachments."