Industry Alliance Formed To Fight VoIP Cyber Attacks

Major VoIP and security vendors, including 3Com's TippingPoint, Avaya, Symantec, and the SANS Institute among others, have formed the VoIP Security Alliance (VOIPSA) to discover and fight VoIP security risks.

The alliance is the first group to focus on security risks posed by increasingly popular VoIP technology. It is backed by a wide spectrum of organizations, including universities, security researchers, VoIP vendors, and VoIP providers. TippingPoint, a division of 3COM, has been instrumental in forming the group, and through it, hopes to hopes to use and improve a VoIP security testing tool it developed to find and research VoIP vulnerabilities.

The group warns that the growing convergence of voice and data networks magnifies the security risks posed by cyber attacks. Successful attacks against a combined voice and data network can cripple an enterprise, halt communications required for productivity, and result in unhappy customers and lost revenue, it claims. The group also wanrs that as VoIP deployments become more widespread, the technology becomes a more attractive target for hackers. And it believes that VoIP application-level attacks will likely occur as attackers become more familiar with the technology.

Among the charter members of the group are 3Com, Alcatel, Avaya, Codenomicon, Columbia University, Ernst & Young's Guiliani Advanced Security Center, Insightix, NetCentrex, Qualys, SecureLogix, Siemens, Sourcefire, Southern Methodist University, Spirent, Symantec, the SANS Institute and Tenable Network Security. A complete list of members can be accessed at http://www.voipsa.org/.