A Story of Cisco IP Phone: Can Your Cisco VoIP Phone Spy On You?
Earlier this month, fifth year Columbia grad student Ang Cui demonstrated a vulnerability that allowed a 7900 series Cisco VoIP phone to be turned into a high-tech listening device, capturing any sound near the phone.
Cui revealed the exploit he and his colleague Salvatore Stolfo discovered at the San Francisco Amphion Forum. In the demonstration, Cui quickly attached a device he calls the "Thingp3wn3r" to the phone, showing the ease with which it could be physically compromised. Once attached, the Thingp3wn3r circumvents the phone's "off hook switch" which normally disconnects the receiver's microphone when the phone is hung up.
The compromised phone, however, kept its microphone active and sent the audio it captured to Cui through a custom-made smartphone app. Though the phone's receive was in its cradle – seemingly inactive – it had effectively become a means to eavesdrop on anything said nearby.
The dramatic demonstration was made all the more serious when Cui showed pictures of various high ranking government officials, among them President Barack Obama, with Cisco VoIP phones on their desks. Worse still, PhysOrg reports that once a single phone was compromised with Cui's device the entire network of phones was potentially accessible.
Thankfully, this specific vulnerability is no longer viable. In a statement issued by Cisco, the company acknowledged both the vulnerability and their efforts to address it.
"We can confirm that workarounds and a software patch are available to address this vulnerability, and note that successful exploitation requires physical access to the device serial port, or the combination of remote authentication privileges and non-default device settings. Cisco thanks Ang Cui and Salvatore Stolfo for allowing our team to validate the vulnerability and prepare a software patch ahead of the presentation."
Forbes also reported that a patch is already available and will be in wide release come January. Concerned users should contact Cisco directly.
The presentation, and much of Cui's research, demonstrates that a threat can come from a seemingly innocuous source like a VoIP phone or a network printer. For governments and corporations, simply securing the computers and networks is simply not enough.
More Cisco News you can visit: http://blog.router-switch.com/