- Related Stories
-
Bots may get cloak of encryption
November 14, 2005 -
ISPs versus the zombies
July 19, 2005 -
Hacking for dollars
July 6, 2005 -
Feds to fight the zombies
May 23, 2005 -
Alarm growing over bot software
April 30, 2004
Moreover, because many voice over Internet protocol applications use proprietary technology and encrypted data traffic that can't easily be monitored, the attackers will be able to go undetected.
"VoIP applications could provide excellent cover for launching denial-of-service attacks," the Communications Research Network said Wednesday. The Communications Research Network is a group of industry experts, academics and policy makers funded by the Cambridge-MIT Institute, a joint venture between Cambridge University and the Massachusetts Institute of Technology.
The group urges VoIP providers to publish their routing specifications or switch to open standards. "These measures would...allow legitimate agencies to track criminal misuse of VoIP," Jon Crowcroft, a professor at Cambridge University in the U.K., said in a statement.
Essentially, some of the features to protect VoIP applications can now be used maliciously, Crowcroft said. "While these security measures are in many ways positive, they would add up to a serious headache if someone were to use a VoIP overlay as a control tool for attacks," he said.
In a denial-of-service attack, a flood of information requests is sent to a Web server, bringing the system to its knees and making it difficult or impossible to reach. Today, such attacks often involve many hacked computers, so-called "zombies," that have been networked in a so-called "botnet."
Cybercriminals rent out use of their botnets on the black market. About 60 percent of the world's spam is sent through such compromised computers, and the zombies are also used in extortion schemes where a Web site owner is told to pay or face a denial-of-service attack.
Botnets are typically controlled by an attacker via Internet Relay Chat. Zombies listen for instructions from their masters on IRC channels. Investigators monitor those channels to help catch cybercriminals, and Internet service providers can block traffic to the IRC servers used by zombies in order to thwart attacks, experts have said.
VoIP applications such as eBay's Skype and Vonage could give cybercriminals a better way of controlling their zombies and covering their tracks, the Communications Research Network said. "If the control traffic were to be obfuscated, then catching those responsible for DoS attacks would become much more difficult, perhaps even impossible," the group said in a statement.
There has yet to be an instance of an online attack launched through a VoIP application, but the Communications Research Network believes it is only a matter of time. "If left unresolved, this loophole in VoIP security won't just decrease the likelihood of (attack) detection and prosecution, it could also undermine consumer confidence in VoIP," the group said.
Communications Research Network contacted VoIP providers with its concerns, it said. Skype and Vonage did not immediately respond to a request for comment.
See more CNET content tagged:
cybercriminal, VoIP, zombie, Skype, Vonage Holdings Corp.
KM
- The Skype Is Falling, The Skype Is Falling
- by Stating January 25, 2006 10:43 PM PST
- Why go to the trouble of piggybacking off Skype to control botnets? This presupposes that Skype is already installed on the compromised computer. Why not simply install your own encrypted protocol after penetrating the computer? Who the heck needs Skype or other VoIP, along with all that overhead.
- Like this Reply to this comment
-
(4 Comments)This story is yet another example of an "expert" on somebody's payroll whooping up panic to further some secret agenda. By the way, I thought by now the global flu pandemic was supposed to have hit and killed a few billion of us.