Ask about distributed denial-of-service attacks (DDoS), and many people will envision a website being non-responsive. However, according to researchers at Arbor Networks, cybercriminals are also advertising to launch DDoS attacks against a less likely target – your telephone.
“DDoS affects many types of systems,” blogged Curt Wilson of Arbor Networks. “Some have used the term TDoS to refer to DDoS or DoS attacks on telecommunications systems (Telecommunications Denial of Service)….Typical motives can be anything from revenge, extortion, political/ideological, and distraction from a larger set of financial crimes. Just as we’ve seen the Dirt Jumper bot used to create distractions by launching DDoS attacks upon financial institutions and financial infrastructure at the same time that fraud is taking place (with the Zeus Trojan, or other banking malware or other attack technique), DDoS aimed at telecommunications is being used to create distractions that allows other crimes to go unnoticed for a longer period.”
Often, session initiation protocol (SIP) flooding attacks take place because attackers are running brute-force password guessing scripts that overwhelm the processing capabilities of the SIP device, but pure flooding attacks on SIP servers have occurred as well, he said.
“Once the attackers obtain credentials into a VoIP or other PBX system that system can become a pawn in their money-making scheme to perform DoS, Vishing, or other types of attacks,” explained Wilson. “Default credentials are one of the security weaknesses that the attackers leverage to gain access to the VoIP/PBX systems, so organizations should ensure that their telecommunications systems credentials are strong enough to resist brute force attack, and that the ability to reach the telephone system is limited as much as possible in order to reduce the attack surface and convince the attacker to move on to the next victim.”
The price of the TDoS attacks varies. Just recently, Arbor researchers discovered a handful of advertisements for phone attacks that ranged in price for $20 per day to $30 per hour.
“Any system is subject to availability attacks at any point where an application layer or other processor-intensive operation exists as well as the networks that supple these systems via link saturation and state-table exhaustion,” he said. “Telecommunications systems are no exception to this principle…clearly, there is money to be made in the underground economy or these services would not be advertised.”
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process
- US Downs Chinese Balloon Off Carolina Coast
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
