Internet phone services like Skype and Vonage may inadvertently assist cybercriminals in sending spam and executing Distributed Denial of Service (DDoS) attacks to take down websites.
Furthermore, security experts from the Communications Research Network—a collaboration between the University of Cambridge (UK) and MIT (USA)—indicate that VoIP software, which uses proprietary technology and encrypted data, is immune to third-party interference. “While this security method has many positive effects, it can also serve as a solid cover for attackers to exploit successfully without being detected,” explained Jon Crowcroft, a Professor at the University of Cambridge.
The Communications Research Network advises Internet phone providers to disclose routing standards or switch to open standards. “This measure would help legitimate organizations quickly detect the malicious tactics of criminals within the VoIP system,” Crowcroft stated.
Currently, such attacks are often carried out through zombie computers. These machines combine to form a network (botnet) and are controlled remotely. VoIP applications like Skype (currently owned by eBay) may provide criminals with a new tool to control these zombie systems. Skype and Vonage have yet to respond to these comments.
