The VOIP Security Alliance, or VOIPSA, launches today. So far, 22 entities, including security experts, researchers, operators and equipment vendors, have signed up. They range from equipment vendor Siemens and phone company Qwest to research organization The SANS Institute. Their goal is to counteract a range of potential security risks in the practice of sending voice as data packets, as well as educate users as they buy and use VOIP equipment. An e-mail mailing list and working groups will enable discussion and collaboration on VOIP testing tools. David Endler, chairman of the VOIP Security Alliance said , there are many ways to attack a VOIP system. First, VOIP inherits the same problems that affect IP networks themselves: Hackers can launch distributed denial of service attacks, which congest the network with illegitimate traffic. This prevents e-mails, file transfers, web-page requests and, increasingly, voice calls from getting through. Voice traffic has its own sensitivities, which mean the user experience can easily be degraded past the point of usability.
Read more about their early research in this article.