There is nothing new to this theory. Only now, it is being thought and discussed seriously and perhaps worked upon at a far greater pace than before.



This article in TMCnet has cited experts that cyber-criminals can get use VoIP services to launch DDoS attacks crippling websites, send spam or use it for hacking, sending viruses, spooks etc over other networks and systems.



Also, this makes services from providers like Skype particularly attractive for these mischief-makers as their applications use proprietary technology and encrypted data traffic that can’t easily be monitored, hence, making the attackers undetectable.



In fact, Skype’s is an amazing technology that can traverse NAT/firewalls. So, an averagely smart cyber-criminal can use Skype’s services to piggy-back malicious programs into networks like bots that can be controlled remotely turning the computer into what is known as a zombie. Once infected, your computer can be commanded to launch DDoS attacks on networks without you knowing what is happening.



Communications Research Network (CRN) said Wednesday;

VoIP applications could provide excellent cover for launching denial-of-service attacks.


CRN now is urging VoIP providers to publish their routing specifications or switch to open standards. Yet, will VoIP service providers like Skype do that voluntarily? I have my doubts on this really. Unless, something serious happens, no one is going to do much about it. The pressure would be turned on only after there is something to show that yea, indeed their state secrets (routing specifications) are doing a great harm to business and security.



A major cyber-crime using VoIP as the means to launch the attack is imminent. In fact, I had been wondering about what is making the cyber-miscreants take so long.



For me, giving up using proprietary protocols and adopting open standards seems to be the only solution at this moment. It doesn’t mean that attacks wouldn’t be taking place, but then development of security systems can be focused and standardized and tracking of cyber-criminals by legitimate agencies would become much easier.



More on VoIP Security



Also Read