Since VOIP is a relatively new feature, I would've thought the providers had built in extensive security features to prevent hackers and other sabotage attacks.
Another area of concern is intercepting calls, that is, developing logs of who called whom and listening in to conversations.
I find it ironic that when the govt does this it's front page news and raise the outrage of so many people. But when a criminal exploits inherent and apparently obvious weaknesses in the Internet, it's a yawner. Sorry, but I'm more worried about criminals listening in to my phone calls than the govt.
How (though what internet access points, computer resources, etc) did the hackers generate "'millions' of test calls"? Presumably ISPs, even those providing professional services, have limits on traffic coming out of a short time. (Mine has very low limits to prevent spammers).
Also, most computers shut off access after a few unsuccessful log on attempts (like 3 [THREE]). After "millions" of hits, shouldn't the computer have blocked access or raised a warning to a human operator? This isn't only necessary for security, but also reliability--suppose a failed computer someone else is in an "infinite loop" and sending out calls repeatedly. Without protection (ie a "circurit breaker"), the networks will get flooded.
Power systems have physical circuit breakers to isolate faults that could damage equipment. These go off fairly often, but there is redundant lines so troubles are rare. It seems the Internet should have 'logical circuit breakers' to do the same thing for protection.
This is one of my concerns about the safety and security of the Internet. If anyone can just get on and send out millions of transactions unchecked by any protocol, the risk for disruption is extremely great.