VoIP services face 'unprecedented' cyber attacks in the UK

        According to the UK Communications Commission, an "unprecedented" and coordinated cyber attack has hit several British Voice over Internet Protocol (VoIP) service providers. This type of Distributed Denial of Service (DDoS) attempts to take websites or online services offline or otherwise make them inaccessible by flooding them with internet traffic. Yesterday's attacks targeted VoIP providers that offer telephone services to British businesses, including emergency services.

Expert Comments       

        Oliver Patterson: This attack is not surprising. For years, Telco has been the target of cybercriminals, whose aim is usually to deceive customers, and such attacks have only increased during the disruptions brought about by the pandemic. As many businesses frantically shifted their focus from security to survival, hackers have benefited greatly. Over the past two years, we have seen attackers start to operate more like a business, diversifying as opportunities arise.

        For every obstacle set up by businesses, they should expect to see the results of new evolutions of attacks, prominently manifested in the growth of ransomware and the unique ways in which more businesses are being held for ransom. Unfortunately for businesses, this means they cannot afford to be complacent and need to constantly understand and analyze where their security weaknesses lie in order to address the locations and ways they could be targeted. Since companies now face advanced and persistent threats, they need to start thinking like hackers and learn how to reduce the chances of compromise and disruption through security and resilience.

Josh Goldfarb

        There is no shortage of compromised devices (desktop computers, laptops, tablets, mobile phones, etc.). These compromised devices are usually grouped together to form botnets (or simply zombie networks). Attackers take advantage of this situation by controlling large botnets or purchasing access to them. Once attackers have a large botnet, they can decide to turn it on the next victim or victims in an instant.

        This week, British VoIP providers are the latest victims as attackers decided to turn their army of robots against them. Unfortunately, few organizations can prevent the compromised devices themselves. Instead, businesses should focus on what can be done within the virtual corporate image wall to protect themselves from these (and other) attacks. In other words, compromised devices and botnets are here to stay. However, DDoS protection and protection against other types of attacks (including bot attacks) have improved. Modern DDoS protection is now quite advanced. Solutions can include multi-layered defenses that can prevent hybrid network attacks and complex application attacks, while enabling full SSL decryption, anti-bot functionality, and advanced detection methods.

        It is very naive to view DDoS as an uncomplicated attack vector. Like most criminal methods, it has evolved over time into a very useful tool for cybercriminals. When other data breach activities occur, it is usually a distraction tool, but it is equally useful as ransomware technology. Ransomware relies on the inaccessibility of data, and although it is usually achieved through network penetration and encryption, denying access is equally effective, albeit for a shorter period of time. The currently attacked VoIP service providers have clearly taken the best approach by notifying and liaising with the relevant authorities. Although it may take some time to solve this problem, their customers should be patient and careful, follow any advice provided, and believe that this approach will make the industry a less attractive target in the future.