VoIP and the Menace of Telephony Denial of Service

The promise of VoIP has many organizations salivating. With savings to be made by leveraging Internet connectivity and whizzy new services that include deep integration with IT and video-conferencing, VoIP looks like the answer to everything those enterprises were asking for. But technology is often a double-edged weapon. Hackers and cybercriminals have spotted the potential for disruption, theft and extortion, using VoIP directly or as a means to an end. One of the major new threats to surface is telephony denial of service, or TDoS for short.

What is TDoS?

Telephony denial of service is the blocking of your voice-over-IP communication links to stop you from making or receiving calls. This can be a serious problem for commercial companies that have standardized on VoIP systems. It can literally be life-threatening if the attackers target emergency service organizations such as hospitals. The increase in this kind of attack has already prompted the Department of Homeland Security in the US to ask that victims contact it or the FBI to help counter the phenomenon.

Why VoIP Phone Systems are More Vulnerable than Data Centers

Much of the public’s attention concerning hacking has so far been focused on IT servers, end-user devices, applications and data. A large industry has sprung up as vendors vie with each other to produce anti-virus software and firewall hardware for organizations to protect their computing assets and information. VoIP systems present a new challenge, and it is no easier to meet.

  • Organizations need to keep their phone systems relatively open. After all, if you can’t communicate, then often you can’t operate. Restricting access to phone links with elaborate protective measures is intuitively counterproductive.
  • TDoS attacks can be carried out with fewer resources than DDoS attacks (Distributed Denial of Service attacks designed to cripple or block IT servers). An automated script that simply dials a target phone number, hangs up, dials again and so on can effectively prevent any other callers from getting through.

As an extra twist, TDoS attackers have also been phoning in themselves to demand ransom payments, with the threat of a real TDoS to follow if the money is not paid immediately. With Caller ID spoofing and anonymous credit card accounts to receive pay-offs, it may be impossible for victims to identify their cyber-aggressors.

What Can Organizations Do?

VoIP is still a digital resource like the IT infrastructure in general. Phone lines cannot always be hidden behind firewalls in the same way that servers can, but new security solutions now offer protection for VoIP. They can protect VoIP installations against brute force attempts (‘harvesting’) to gain access to directory information. They can also help to redirect and filter traffic in a TDoS attack, while blocking undesirable sources, much in the same way that this is done for DDoS attacks on data centers. The biggest step forward may however be in raising business awareness of such threats. That may mean taking a lead from the problems already caused in other parts of the world, notably Russia and Eastern Europe, rather than waiting for them to happen locally and having to scramble to fix the situation and get back to normal.
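
The detection side of that filtering can be illustrated with call records. The following is an added example, not code from the article or from any product it alludes to: it looks for the dial, hang up, redial pattern described earlier and counts short calls per dialed number rather than per caller, because caller IDs can be spoofed. The record layout, function name, thresholds and phone numbers are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 9, 0, 0)

# Constructed sample records: (start time, caller ID, dialed number, duration in seconds).
# The flood uses a different caller ID on every call, as spoofing allows.
SAMPLE_CDRS = [
    (T0 + timedelta(seconds=5 * i), f"55502{i:02d}", "5550100", 2) for i in range(12)
] + [
    (T0 + timedelta(seconds=10), "5550301", "5550111", 180),   # normal conversation
    (T0 + timedelta(seconds=40), "5550302", "5550111", 3),     # single misdial
    (T0 + timedelta(seconds=90), "5550303", "5550100", 240),   # genuine caller, later on
]


def find_flooded_numbers(cdrs, window=timedelta(seconds=60),
                         max_short_calls=10, short_call_secs=5):
    """Return {dialed number: time of first alert} for numbers that receive
    more than max_short_calls short calls inside one sliding window."""
    recent = defaultdict(deque)   # dialed number -> start times of recent short calls
    alerts = {}
    for start, _caller, dialed, duration in sorted(cdrs, key=lambda r: r[0]):
        if duration > short_call_secs:
            continue              # longer, held calls are not the redial pattern
        q = recent[dialed]
        q.append(start)
        while start - q[0] > window:
            q.popleft()           # drop calls that have aged out of the window
        if len(q) > max_short_calls and dialed not in alerts:
            alerts[dialed] = start
    return alerts


if __name__ == "__main__":
    for number, when in find_flooded_numbers(SAMPLE_CDRS).items():
        print(f"possible TDoS against {number}, threshold crossed at {when}")
```

An alert on a dialed number is a cue to redirect or rate-limit calls to that line; the thresholds need tuning against the line's normal call volume.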