Have you jumped on the VoIP bandwagon? Secure? Think again as US hacker is jailed for 2 years after breaching security at 15 separate telcos with ‘incredible ease’
‘Evil’ Techie genius Robert Moore has recently been jailed in the US after exposing tremendous flaws in tens of telcos IT infrastructures stating it was ‘incredibly easy’ because of basic IT security mistakes.
His global hacking spree was targeted at telcos and corporations aiming to allegedly steal voice over IP services and sell them through a company he was working for.
“It’s so easy. It’s so easy a caveman can do it,” he laughed.
“When you’ve got that many computers at your fingertips, you’d be surprised how many are insecure.”
It has been reported that he stole 10 million minutes of service and re-sold them at discounted rates, netting more than $1 million from the scheme although only receiving $20,000 personally for his efforts.
AT&T reported at the trial that Moore ran 6 million scans on its network alone, aliases have been used for the other companies that were successfully targeted in an attempt to sure up confidence in their services.
One small telco went out of business because of expenses the company incurred due to the amount of traffic Moore was responsible for diverting through their network.
Moore said what made the hacking job so easy was that 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure.
The biggest insecurity? Default passwords.
“I’d say 85% of them were misconfigured routers. They had the default passwords on them,” said Moore. “You would not believe the number of routers that had [Removed] or [Removed] as passwords on them.
We found the default password for it, and basically we could get in almost every time. Then we’d have all sorts of information, basically the whole database, right at our fingertips.”
Time to do a free security check on all your clients servers?
‘Evil’ Techie genius Robert Moore has recently been jailed in the US after exposing tremendous flaws in tens of telcos IT infrastructures stating it was ‘incredibly easy’ because of basic IT security mistakes.
His global hacking spree was targeted at telcos and corporations aiming to allegedly steal voice over IP services and sell them through a company he was working for.
“It’s so easy. It’s so easy a caveman can do it,” he laughed.
“When you’ve got that many computers at your fingertips, you’d be surprised how many are insecure.”
It has been reported that he stole 10 million minutes of service and re-sold them at discounted rates, netting more than $1 million from the scheme although only receiving $20,000 personally for his efforts.
AT&T reported at the trial that Moore ran 6 million scans on its network alone, aliases have been used for the other companies that were successfully targeted in an attempt to sure up confidence in their services.
One small telco went out of business because of expenses the company incurred due to the amount of traffic Moore was responsible for diverting through their network.
Moore said what made the hacking job so easy was that 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure.
The biggest insecurity? Default passwords.
“I’d say 85% of them were misconfigured routers. They had the default passwords on them,” said Moore. “You would not believe the number of routers that had [Removed] or [Removed] as passwords on them.
We found the default password for it, and basically we could get in almost every time. Then we’d have all sorts of information, basically the whole database, right at our fingertips.”
Time to do a free security check on all your clients servers?
Leave reply