Cisco IP Phone easy to be hacked
Bob Sullivan of The Red Tape Chronicles recently posted a story about how popular office phones are vulnerable to eavesdropping.
“You can imagine the implications of this,” Stolfo said of the vulnerability. “Anything that is said behind closed doors isn’t private, no matter how sensitive the conversation is. There is no privacy. How can you conduct business like that?”
“On the dark side, these phones are sold worldwide,” Stolfo said. “Any government that would like to peer into the private lives of citizens could use this. This is a great opportunity to create a low-cost surveillance system that is already deployed. It’s a monitoring infrastructure that’s free, when you turn these into listening posts.”
[read the full article here]
Comments by: Michael Guadagno of www.iSPYck.com
In our experience, this type of phone, including many other similar and also older models, has been used for eavesdropping devices for many years. The YouTube video competently shows how the compromise was done by one group.
The demonstration is very good and, also, may be hard to understand for some people who are not technically inclined. This specific compromise shows a technical way to take control of the system. However, the initial access into the system, as explained in this particular demonstration, may be just a simplified technique. We would like to point out there are several, easier means of eavesdropping on a phone system or other office equipment, including the entire office telecommunication system.
The compromise will exist for years until a TSCM Sweep makes the discovery. https://ispyck.com/
