The rise of voice over Internet Protocol technology in general has brought with it a variety of new possibilities in terms of business use and personal use. Expanded feature sets, improvements in voice quality and reduced expenses are just a start to the array of benefits that come with the concept. But with new opportunities often come new dangers, and a new kind of attack known as Telephony Denial of Service (TDoS) is coming into vogue as a new weapon of choice.
A TDoS attack is a byproduct of the improved accessibility of VoIP and the like, and generally requires five steps to build and launch. Knowing how such an attack is constructed can provide valuable insight into how to find, defeat, and even prevent such attacks before they can strike and take valuable business down with them.
First, attackers need to get their hands on IP-PBX software like that offered by Asterisk. Then, attackers need to get a call generator, or otherwise retool Asterisk software to make the necessary calls. Call generators can be had as part of VoIP testing tools like the TransNexus fraud detection tools.
Once that's in place, attackers then determine the number they want to shut down, and input it into the call generation systems. Finding a number can be as easy as checking a local telephone book or searching a website for the most appropriate number to target.
With the target number in place, attackers then decide on the audio they want to transmit during the call in question, which can range from utter silence or static to music tracks to even voice effects.
Next, attackers arrange for SIP trunking, which can provide the ability to make calls at one cent a call. For that kind of expense, attackers can flood a business with thousands of calls for less than $100, making it a cost-effective method of attack.
With all that in place, attackers then decide when to launch the calls, usually tailoring the attack to a specific time or to match a specific event, where blocking up the lines does the most damage.
It's an extremely insidious form of attack, because it's comparatively easy to set up and requires only a few steps that can be undertaken even by lower-tier groups or even some individuals. But some potential counters to this breed of attack come to mind. Distributing facilities, for example, can go a long way toward preventing blocking; if there are multiple facilities available for customers to contact, users can try a different line even while a TDoS attack is going on. Executing one TDoS attack is comparatively simple, but executing three or four at once is three or four times more difficult. Taking a customer service-centered approach can also be helpful. The point of a TDoS attack is to prevent customers from getting through, but if businesses are ready with “apology incentives” for users who have a tough time getting through (a small discount on future purchases, for example), the frustration users feel at being on the receiving end of a TDoS can be mitigated or even removed outright.
The TDoS attack is a potentially painful one for business users of all sizes to fall victim to, but a little advance planning and a little preparation can go a long way toward pulling at least some of the teeth from this insidious new attack.
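As an added illustration of the "find" part (example code, not from the original article or any vendor's product): because the flood described above concentrates many calls on a single number, a sliding-window count of call starts per dialed number over call records makes it stand out. The record layout, the 60-second window, the threshold of 20 and the phone numbers below are all assumptions constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def find_floods(records, window=timedelta(seconds=60), threshold=20):
    """Return {dialed_number: (first_alert_time, peak_calls_in_window)}.

    records: iterable of (start_time, dialed_number), in any order.
    A number is flagged when more than `threshold` calls to it start
    within any span shorter than `window`.
    """
    recent = defaultdict(deque)   # dialed number -> start times still in window
    alerts = {}
    for start, dialed in sorted(records):
        q = recent[dialed]
        q.append(start)
        while start - q[0] >= window:      # expire calls older than the window
            q.popleft()
        if len(q) > threshold:
            first, peak = alerts.get(dialed, (start, 0))
            alerts[dialed] = (first, max(peak, len(q)))
    return alerts

def sample_records():
    """Constructed call log: normal traffic on two lines plus one burst."""
    t0 = datetime(2024, 1, 15, 9, 0, 0)
    recs = []
    # Normal load: one call every 30 s to each line for 10 minutes.
    for i in range(20):
        recs.append((t0 + timedelta(seconds=30 * i), "+15550100"))
        recs.append((t0 + timedelta(seconds=30 * i + 7), "+15550101"))
    # Burst: 40 calls in 40 s to the first line, starting at 09:05:00.
    for i in range(40):
        recs.append((t0 + timedelta(minutes=5, seconds=i), "+15550100"))
    return recs

if __name__ == "__main__":
    for number, (first, peak) in find_floods(sample_records()).items():
        print(f"{number}: threshold crossed at {first:%H:%M:%S}, "
              f"peak {peak} calls in window")
```

In practice the threshold would be set from the line's own normal call volume, since a busy contact center legitimately exceeds a rate that would be anomalous for a small office.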
Edited by Rich Steeves