IOS Theft and Telephony: Something New to Worry About

 
 
By Ellen Muraskin  |  Posted 2004-05-20 Email Print this article Print
 
 
 
 
 
 
 

VOIP on managed networks won't be the first of hackers' targets, but it will be hurt if major IP carriers are attacked.

I assured readers with my first column that my job here is to report on VOIP, not to praise it. Which is why Im just as eager as anyone to get a read on the potential seriousness of the Cisco IOS source code theft and its implications for the reliability of IP-based communications. As reported by a Russian security Web site and confirmed by Cisco, hackers broke into the switching and routing giants network and stole 800MB of source code for IOS 12.3 and 12.3t. The IOS 12.3 operating system powers Ciscos networking product suite, including routers used in homes and small businesses and the 7000 series that makes up the Internet backbone. All of Ciscos infrastructure products—switches and routers—are exposed. I wrote five days ago that an IP voice application inherits the security of the data network. If someone can hack into your network infrastructure (typically composed of a Cisco router and switches) and bring it down, obviously, thats not a good inheritance. If your voice traffic is using voice over IP, it relies on the network infrastructure being robust. Whether its Ciscos Call Manager or anyone elses IP PBX youre using, a router ם and very likely thats a Cisco router — fronts the system.
Click here to read Ellen Muraskins column "VOIP Is as Secure as You Make It."
That router faces an IP WAN—a managed network—and as such is probably not the first of the hackers targets. But thats not long-term good news, according to my security maven. The first to be targeted may be the wholesale ISPs—the Sprints and MCIs and AT&Ts—whose lines and infrastructure of routers and switches form enterprises WANs as well as the Internet. Bring that network infrastructure down, and your phone and data system goes down with it. That scenario is the reason why many IP PBXs come with PSTN (traditional Public Switched Telephone Network) lifelines. Three days after the announcement of the theft, Cisco itself has no immediate assurance to offer the press. They officially reply:
    "Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public website just prior to the weekend. Cisco is fully investigating what happened. As a matter of policy, we take security very seriously and we continue to take every measure to protect our intellectual property, employee and customer information. Cisco will remain focused on its customers success and will continue to monitor the situation."
Ive also contacted major Cisco VOIP systems integrators, none of whom is willing to comment on the potential breach. I finally turned to Christopher King, CCISP, of Principal Security Group and former information security practice director at Greenwich Technology Partners, a major Cisco VAR with an active VOIP practice. I asked him if telecom or IT managers have something new to worry about here. His reply: "Hell, yes." He described the situation as a waiting game, while hackers study the IOS source for vulnerabilities, manually code attacks to bring down routers and then automate the exploit (the attack) so that it proliferates throughout the Internet. Next page: What network administrators can do.



 
 
 
 
Ellen Muraskin is editor of eWEEK.com's VOIP & Telephony Center. She has worked on the editorial staff at Computer Telephony, since renamed Communications Convergence, including three years as executive editor. Muraskin's work has also appeared in Popular Science magazine and other publications.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel