SANS to Teach VoIP Security Course for First Time in Europe

The SANS Institute will be teaching the first European session of its new Security 540: VoIP Security course at the upcoming SANS Secure Europe event in Amsterdam this May. The 6-day course which debuted last year in Sacramento has proven popular and is already at 50% capacity.

“Voice over IP is a rapidly growing area due to the huge cost saving potential but organisations often fail to consider the security impact,” explains Paul Henry, one of the world's foremost information security and computer forensic experts with more than 20 years' experience.

Henry points to examples such as arrests made In Budapest and London last year of 30 members of an organised criminal gang that allegedly stole 11 million Euro’s through VoIP toll fraud. The gang used thousands of stolen VoIP account details to make 1.5 million calls to premium rate numbers which, in turn paid the gang a percentage of the inflated call charges. Other cases like Edwin Andres Pena who was sentenced to 10 years in jail in a US Federal Court for stealing and reselling VoIP call credits are part of a growing trend. “The automated billing mechanisms of VoIP services using direct debit or credit cards make these prized targets for criminals who often have difficulty selling stolen data,” Henry adds.

However, the problem is not just the theft of calling credits. As data and voice coexist on the same networks, criminals use weaknesses in one area to gain access to the other. “The information gained from hacking into sensitive voice conversations can be used for insider trading or corporate espionage,” explains Henry who points out that few organisations encrypt VoIP traffic sent across shared networks. “The widely held assumption that VoIP traffic is difficult to intercept is plainly wrong,” he comments, pointing to a growing number of free tools that will capture SIP based voice calls and turn them into audio files via minimal access to a shared IP network.

Henry, who regularly advises and consults on some of the world's most challenging and high-risk information security projects, believes that only 1 in 10 organisations that deploy VoIP specifically look at the security implications of these new voice services.

The SEC540 course that Henry will teach at SANS Secure Europe provides VoIP security best practices and technologies in order to design, deploy, and audit trusted VoIP infrastructures. The intensive course offers a detailed in-class analysis of infrastructure, signalling, and media attacks to expose the security risks of VoIP networks for service providers, carriers, and enterprises.

Students will be shown how to understand and protect against various attacks from VoIP signalling and media eavesdropping, caller ID impersonation, and VoIP authentication cracking to man-in-the-middle call manipulation and media injection. “The course is very hands on and will give attendees a real understanding of how to test and protect VoIP networks against an increasingly focused and organised criminal element,” Henry concludes.

More information on SANS Secure Europe 2011, which takes place from May 9th to 21st in Amsterdam, is available at

Posted on Apr 18, 2011  Reviews | Share |  Digg
Filed in:
All comments require the approval of the site owner before being displayed.

Post a Comment

Please use a valid e-mail address. Your address will not be publicly visible and is only a means for us to contact you when asked. Thank you.

(will show your gravatar icon)
Home page

Comment (Some html is allowed: )  

Enter the code shown (prevents robots):

  All brand, company, and product names are trademarks or registered trademarks of their
  respective owners. © 2012 VoIP Monitor. All rights reserved. Privacy Policy  Terms