D’Ya Feel Safe, Yet?

The Department of Homeland “Security” gets it’s out of date PBX mail exchange telephone systems hacked, and the hacker procedes to make $12,000 worth of calls to the Middle East and Asia, presumably just to be a dick.

Now, two things about this worth remembering: first, this is a very, very old and very well-documented form of hacking that barely happens anymore in large companies because the PBX system is irrelevant with VoIP, which is the current state-of-the-art voice system.  So, not only are you as a tax payer paying for an outdated technology, but if DHS is going to use old crap, this is a vulnerability they should have known about and prevented.

Second, PBX is a very simple system, and there aren’t really any “rights administration” things as firewalls built in.  Once a hacker has gained access to a PBX system, they’re free to listen in on calls, listen to legitimate users’ voicemails and delete them if they please, and even re-route calls away from their intended destinations.  That the hacker chose to make calls to the Middle East and Asia on DHS’s dime is nothing short of amusing in the way of that classic hacker wit, but that it was even possible is actually quite a bit bigger a deal than the media will let on.

By Tommy Belknap

Owner, developer, editor of DragonFlyEye.Net, Tom Belknap is also a freelance journalist for The 585 lifestyle magazine. He lives in the Rochester area with his wife and son.