Telephone DoS: Who Are You Gonna Call?

B. Ostergaard

B. Ostergaard

Summary Bullets:

  • Recent hacktivist attacks have been aimed at the corporate phone lines, criminal hackers will launch combined DDoS/TDoS attacks
  • The good news is that MSSPs are bringing on TDoS mitigation solutions

On April 12, 2012 a hacktivist group with the ominous name ‘TeaMp0isoN’ targeted the UK counter-terror agency, MI6, claiming to be motivated by the recent decision at the European Court of Human Rights allowing suspected terrorists to be extradited to the United States. However, the attack was not the usual DDoS barrage against the MI6 Web presence. Instead, the group created a wall of phone calls for a period of 24 hours, which meant nobody else could get through. They used a script based on the Asterisk software with a SIP protocol to make calls to the agency’s offices non-stop, basically launching a telephone-based denial-of-service (TDoS) attack.

The attack was well timed – from a BT Assure perspective, as the UK incumbent carrier’s security arm rolled out its new TDoS defense service at the InforSec2012 conference in London last week using a software solution from US-based SecureLogix. Easily-accessible, low-cost VoIP tools allow attackers to launch high-volume, computer-generated IP calls at company telephone lines, PBXes, routers etc. with immediate operational implications for the enterprise. They may also serve secondary functions such as making it difficult for companies to alert authorities to an ongoing attack on company data sites. Although these calls are often originating as auto-generated IP calls, they can still touch any enterprise voice network, whether traditional TDM or newer SIP-based VoIP/UC.

So, similar to the understanding that companies have gained about the importance of threat mitigation to dodging DDoS attacks, they should not be blind to the susceptibility of attacks on the old fixed telephone lines, and the important role they play in everyday communication. BT’s point is that such defenses are available and can be deployed as part of the carrier’s managed security services. The SecureLogix ETM System provides tools to detect and mitigate TDoS attacks, and the ETM System voice network firewall and intrusion prevention system (IPS) applications enable real-time detection and mitigation of attacks. So without overstating the obvious, protecting the telephone lines should be part of any compliance process, and with the BT Assure solution, this becomes an OpEx rather than a CapEx item. But the first question to ask is: have you done any kind of risk assessment relating to the performance of your corporate voice networks? Are there back-up procedures in place to handle a simultaneous attack on corporate data and voice resources?

 

About Bernt Ostergaard
As Research Director for Business Networks and IT Services at Current Analysis, Bernt covers the competitive landscape for system integration and IT service provisioning, and analyzing the managed security services across carriers and IT Service Providers. He brings with him a broad understanding of the competitive issues and environment that currently exists in the rapidly changing IT services and telco sectors.

What do you think?

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: