Interesting article as a follow-up to the hacking scheme:

“It was a 100-percent margin business,” mused Seshu Madhavapeddy, CEO of Sipera Systems, a Richardson, Texas-based VoIP security company.

But in a telephone interview with TMCnet, Madhavapeddy on Thursday cautioned that the breaches are no laughing matter and the highly publicized incident might even inspire copycat to resort to criminal activity like intrusion, spoofing or spamming – techniques that aren’t entirely insurmountable but vexing nonetheless.

“There are a lot of guys out there that are looking at these guys as role models,” Madhavapeddy warned.

The security breakdown actually occurred at two points in the communication system and is the best illustration to date of the embryonic state of VoIP firewalling – i.e. enabling VoIP traffic to traverse the pinholes of a corporate firewall, the security expert explained. Because the firewall has grown to be a reliable (and in some cases is the only) security layer in the data realm, enterprises have turned to NAT traversal as a “best-practices” method for voice packets to travel through the network.

Yet that alone isn’t enough. Enterprises also need to account for intrusion detection (worms, Trojans, etc.) and direct attacks (spam, Distributed denial-of-service, etc.) to safeguard against malicious hackers.

“In order to assemble a security system for an enterprise today, you use multiple products,” Madhavapeddy told TMCnet.