Linux Today: Linux News On Internet Time.

Amazon Brute Force SIP Attacks – Dave Michels Interviews Me

Apr 20, 2010, 12:04 (0 Talkback[s])
(Other stories by Stuart Sheldon)

"Shortly After my "SIP Brute Force Attack Originating From Amazon EC2 Hosts" post, Dave Michels interviewed me for an article Dark Side of the Cloud. This is that interview:

"Dave: What do you believe the intent was of the attacks? Free long distance?

"Stu: Certainly free long distance would be one reason… But there are many other reasons to hijack a SIP account. I'm sure that organized crime would pay for a block of active SIP logins. They could use them to circumvent surveillance, or possibly use them for fraudulent boiler room calls about extended warranties and such.

"Remember, most folks still believe that the Telephone System is secure… They tend to believe someone who is calling them.

"Dave: Do you know of any systems that were compromised by the attacks?

"Stu: That were actually compromised? No, I have no direct knowledge of that, but most of that info won't be available for months. Let's face it, we (SIP providers) have only heard about the attacks that were caught. If you look at the overall picture, we are probably only seeing about 2%-5% of the total attacks reported at this time. From reviewing the logs on our systems, I could see how this attack could easily compromised accounts."

Complete Story

Related Stories: