Sjur Usken and Sandro Gauci have been working together doing research on VoIP security attacks. They recently presented some of their work at Hackcon, a security conference in Norway. In this podcast discussion on the VoIPUsersConference, they discussed a number of realistic VoIP attacks and what’s being exploited by fraudsters for profit. (Click on the podcast above this paragraph to listen.)

In January 2009, a Perth company where hackers made 11,000 calls via the company’s VoIP  ran up a bill of  AU$ 120,000. Read more: http://www.itproportal.com/security/news/article/2009/1/28/voip-toll-fraud-attack-racks-57k-bill-two-days/#ixzz0vBgVtLl8. Phone phreakers tend mask their identity, making it hard to track them down.

Sjur is a telecom consultant in Greenfield Consulting AS in Norway. He has been working with VoIP since 2002 and helping companies migrate to an all IP world.

Sandro is a security researcher and consultant based in the small island of Malta. He is the author of VoIP security tools SIPVicious, VOIPPACK and VOIPSCANNER.com. See http://enablesecurity.com/ and the relative blog at http://enablesecurity.com/blog/.

Another good conference to participate in regarding security, ID management, hacking, and privacy is Advanced Identity Management & Security 2010. Learn from other past podcasts and participate in new at VoIP Users Conference every Friday around 12 noon ET.