VoIP attacks

A co-ordinated cyber-attack has recently targeted UK-based providers of voice over internet protocol (VoIP) services, according to the Comms Council UK (CCUK).

The Industry body said several of its members had been targeted by Distributed Denial of Service (DDoS) attacks in recent weeks, with an overall threat issued to the entire sector. Ofcom has confirmed it is also aware of the situation.

DDoS works by flooding a website or online service with internet traffic in an attempt to make it crash or go offline, otherwise making it inaccessible. Past attacks have been used to take websites offline or sometimes hijacked to post or make political statements.

However, the latest spate of attacks have targeted VoIP in an alleged effort to blackmail the targeted companies. VoIP providers offer internet-based calls to a huge range of customer and businesses, as well as public services such as the NHS and police forces.

In a statement the CCUK said that the DDoS attacks on British VoIP providers have all taken place in the past four weeks and appeared to be part of an “unprecedented” co-ordinated, extortion-focused campaign by professional cyber-criminals.

DDoS attacks are often dismissed as too crude or blunt a tool to be considered hacking. However, these latest developments shows that any online security weaknesses will still be exploited. By targeting VoIP with DDoS and then issuing ransom demands, this recent wave of attacks shows a new deviation in tactics.

To discuss online security for your business, contact the NEBRC on enquiries@nebrcentre.co.uk