Bloke says hacking VoIP systems is a piece of cake

A CRACKER of Voice over IP (VoIP) services has told Information Week how he did it, just before starting a two year stretch in US federal prison.

Convicted felon Robert Moore, a 23 year-old from Spokane, Washington, said that breaking in to 15 telecommunications companies and hundreds of businesses all over the world was easy due to IT security holes. "So easy a caveman could do it," he said, alluding to a popular US television commercial and laughing. " When you've got that many computers at your fingertips, you'd be surprised how many are insecure."

Moore said that 45 per cent to 50 per cent of the VoIP providers he scanned were insecure and 70 per cent of companies were vulnerable. The biggest security flaw was default passwords. "I'd say 85 per cent of them were misconfigured routers. They had the default passwords on them," Moore said. "You would not believe the number of routers that had 'admin' or 'Cisco0' as passwords on them. We could get full access to a Cisco box with enabled access so you can do whatever you want to the box."

He went on, "We also targeted Mera, a Web-based switch. It turns any computer basically into a switch so you could do the calls through it. We found the default password for it. We would take that and I'd write a scanner for Mera boxes and we'd run the password against it to try to log in, and basically we could get in almost every time. Then we'd have all sorts of information, basically the whole database, right at our fingertips."

He said that he'd scan the net looking mainly for Cisco and Quintum boxes. Once he found one, he'd see what model it was and then look for vulnerabilities like default passwords or old, unpatched software bugs. If he didn't find default passwords or easy exploits, he'd then turn to dictionary attacks and brute force password guessing. µ