Telephony denial of service (TDoS) is a type of cyberattack that can be used to disable telephony systems. Similar in concept to a typical data network DoS (denial of service), its purpose is to deny users access to a particular telephony service. In this article, we discuss how TDoS attacks are conducted and what measures you and your telco can take to protect your systems.
What is a DoS attack?
The goal of a DoS attack is to make a system unavailable to its legitimate users by temporarily or permanently disrupting its services. This is typically done by overwhelming the system with a swarm of fake machine-generated requests for system resources, leaving the system unable to respond to the requests of legitimate users. In the case of a web server, for example, tens of thousands of fake HTTP requests can be sent to the server from hundreds or thousands of computers on the internet. The web server’s resources (memory, CPU cycles, network bandwidth) become too overwhelmed to respond to genuine requests for content, rendering the service unavailable to users.
To use a brick-and-mortar analogy, a DoS attack would be like a group of people who have no intention of purchasing anything crowding around the entry door of a shop, making it difficult or impossible for legitimate customers to enter, resulting in a disruption of trade.
What is a TDoS attack?
A TDoS attack is a DoS attack on a telephony system. Unlike attacks on network servers, the primary resource targeted by TDoS schemes is the voice channels themselves. For example, an enterprise telephony network has a finite number of voice channels to the PSTN. If all of those channels are engaged, no additional calls can be routed, either in or out. TDoS attackers find ingenious ways of creating bogus calls that can quickly saturate PSTN connections.
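The channel-exhaustion effect described above can be observed by replaying call attempts against a fixed-size trunk and seeing which callers hold the channels when legitimate calls are blocked. This is an added example, not part of the original article; the record format, the three-channel trunk and the 50% threshold are assumptions, and the sample records are constructed.

```python
import heapq
from collections import Counter

# Constructed sample call attempts: (caller_id, start_second, duration_seconds).
SAMPLE_ATTEMPTS = [
    ("555-0101", 0, 60),
    ("555-0199", 5, 300),
    ("555-0199", 6, 300),
    ("555-0199", 70, 300),
    ("555-0102", 80, 45),
    ("555-0103", 200, 30),
]
TRUNK_CHANNELS = 3  # assumed number of voice channels to the PSTN


def replay(attempts, channels):
    """Replay attempts against a trunk with a finite number of channels.

    Returns (blocked, held): the attempts that found every channel busy,
    and the channel-seconds each caller occupied.
    """
    release_times = []  # min-heap of times at which busy channels free up
    blocked, held = [], Counter()
    for caller, start, duration in sorted(attempts, key=lambda a: a[1]):
        # Free every channel whose call ended before this attempt arrived.
        while release_times and release_times[0] <= start:
            heapq.heappop(release_times)
        if len(release_times) >= channels:
            blocked.append((caller, start))  # all channels engaged
        else:
            heapq.heappush(release_times, start + duration)
            held[caller] += duration
    return blocked, held


def dominant_callers(attempts, channels, share=0.5):
    """Callers holding more than `share` of channel time while calls were blocked."""
    blocked, held = replay(attempts, channels)
    if not blocked:
        return []  # no saturation, nothing to report
    total = sum(held.values())
    return sorted(c for c, secs in held.items() if secs / total > share)


if __name__ == "__main__":
    blocked, held = replay(SAMPLE_ATTEMPTS, TRUNK_CHANNELS)
    print("blocked attempts:", blocked)
    print("dominant callers:", dominant_callers(SAMPLE_ATTEMPTS, TRUNK_CHANNELS))
```
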
TDoS attackers and their targets
TDoS targets can be enterprise telephone systems, contact centers, or even the telcos themselves. 911 emergency services have also been targeted. There have been examples of attackers using TDoS either to advance a particular political agenda or to exact revenge against a specific company or group of people. Sometimes TDoS is used as leverage for extortion, where attacks will continue unless a ransom is paid. There are also documented cases where a TDoS occurred unintentionally, as was the case in 1981, when the song "867-5309/Jenny" was released and became a hit, prompting callers all over the U.S. to call the number asking for Jenny.
TDoS techniques
The most common way telephone systems are attacked involves the saturation of the voice channels. For contact centers, enterprise networks, and emergency services, this can be done in various ways:
How VoIP and conventional telephone networks differ when it comes to TDoS
Both conventional and VoIP telephone networks are vulnerable to TDoS attacks. However, they are affected by them in different ways:
How to protect systems against TDoS
Regardless of what kind of system you have, the first line of defense is the telco. It is responsible for having systems in place that will detect TDoS attempts and protect your network from them. Establish an effective partnership with your telco and find out more about what kind of protection services it provides.
Telco protection features can include:
Because no mitigation techniques can be 100% effective, some additional preparation tasks you should execute include:
Recommended actions to take during a TDoS attack include:
Conclusion
TDoS attacks can be a scary prospect, especially for enterprises whose primary source of income depends heavily on telephony service. Being prepared for such attacks can go a long way towards mitigating and resolving them, as well as finding the perpetrators.