How To Hack VoIP Companies

Convicted hacker Robert Moore says 'it's so easy a caveman could do it'
By Nick McMaster,  Newser Staff
Posted Sep 26, 2007 5:59 PM CDT
Attendees make free phone calls over VoiP at the Vonage booth at the 2007 International Consumer Electronics Show (CES) in Las Vegas, in this Jan. 10, 2007 file photo. Internet telephone company Vonage...   (Associated Press)
camera-icon View 3 more images

(Newser) – Robert Moore, a 23-year old facing a two-year prison sentence for hacking Internet phone service companies, tells Information Week that getting illegitimate access to the phone services was "so easy a caveman could do it". Moore said that sloppy systems administration left obvious security holes, such as the use of default passwords, in place in about 70% of companies he scanned.

Moore's employer posed as a wholesaler of Internet-based phone services, essentially selling one company's minutes to another. Critics say that the online industry's obsession with functionality has meant security never gets the resources it requires to implement even simple security measures, like strong passwords or IP-access restrictions, which Moore said easily, but infrequently, foiled his efforts. (Read more Internet phone stories.)