About the Threat

TDoS attacks (Telephony Denial of Service) are a form of Denial of Service (DoS) attack that affects enterprise, government, emergency 911, financial call centers and other business voice systems. It is a significant threat to voice systems and public safety.

What is a TDoS Attack

A TDoS attack is an attempt to make a telephone system unavailable to the intended user(s) by preventing incoming and / or outgoing calls. The objective is to keep the distraction calls active for as long as possible to overwhelm the victim’s telephone system, which may delay or block legitimate calls for service.

Who is At risk

Attacks occur regardless of the technology in use by the victim. VoIP and TDM voice systems are equally vulnerable.

Telephony Denial of Service can also affect any government, enterprise, or small business, but most commonly impacts organizations with critical, public-facing contact centers. This includes emergency 911 financial services, government, health care and critical infrastructure.

With this kind of attack, the objective is to make a significant number of calls and to keep those calls active for as long as possible, to overwhelm or at least “clog” all or a portion of the victim’s voice system. The resulting increase in time for emergency services to respond may have dire consequences, including loss of life.

What the Attackers Want

There are a number of reasons why attackers turn to phone-based denial of service. For instance, hacktivists or social-cause-motivated cybercriminals might target municipal services to advance or highlight a political cause.

Pure financial gain is another motive. Telephony denial of service attacks are sometimes part of extortion schemes aimed at private companies in which attackers impersonate a collections agency representative collecting an outstanding (and fictional) loan or other fee. If the target doesn’t pay, the attacker launches the attack that, if successful, inundates the call-center with call traffic and ultimately overwhelms it, potentially making it impossible to complete ingoing and outgoing calls.

Fraud is another motivator. In one known attack profile, attackers simultaneously flood a call center or customer service staff with bogus calls. They then launch social engineering attacks against contact center agents. Fraudsters have been able to take advantage of the chaos to steal corporate or customer account information that they will later use to defraud the organization or the customer.

Malicious actors may also use phone-based denial of service attacks to harass call centers and distract operators just “for fun,” with a disregard for harmful effects. These attacks may be accompanied by messaging on social media platforms in order to increase the severity.

Types of Attacks

Attacks have evolved from manual to automated. Manual telephony denial of service attacks use social networks to encourage individuals to flood a particular number with a calling campaign. An automated attack uses software applications to make tens or hundreds of calls, simultaneously or in rapid succession, to include Voice Over Internet Protocol (VOIP) and Session Initiation Protocol (SIP). Numbers and call attributes can be easily spoofed, making it difficult to differentiate legitimate calls from malicious ones. Telephony denial of service attacks could also be used in conjunction with a physical attack, when calls to 911 and other emergency numbers would crest.

The Threat is Growing

In our 20+ years helping customers defeat and mitigate these attacks we've seen a rise in frequency, complexity, and sophistication that parallels the rise in availability of cheap digital tools to initiate robocalls and spoof caller ID.

As recently as February 2021 the FBI released a security notice warning of phone-based denial-of-service attacks against emergency call centers.

Partnering with DHS to Defeat the Threat

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has partnered with our Vox Innovation Lab to solve complex phone-based denial of service issues and develop defense-based solutions to prevent these attacks. Our goal is to shift the advantage from attackers to network administrators by increasing the capability to detect and mitigate attacks, by authenticating callers and detecting call spoofing.

Preventing TDoS Attacks

Our Call Secure Managed Service works to mitigate telephony denial of service attacks by authenticating calls and helping to defeat fraudulent call spoofing. Speak to one of our voice security experts today about how to prevent these attacks and other threats.

Official Notices

FBI Warning

Announcement to help mitigate the impact of telephony denial of service attacks on readiness of call centers

DHS Fact Sheet

TDoS fact sheet to guide readiness for 911 call centers and emergency management systems.

Customer Stories

US Bank Blocks TDoS Attacks

A large US Bank was the victim of several telephony denial of service attacks that paralyzed their voice network for several days.

Healthcare Corporation Defeats Payday Loan Scam

A nation-wide healthcare corporation finds dozens of its member hospitals crippled by TDoS attacks in this sophisticated scam attempt.

Prevention

Call Secure Managed Service

Protect your voice network or contact center from malicious denial of service attacks and other phone-based threats.

TDoS White Paper

In this whitepaper we examine the threat and discuss options for mitigating and resolving attacks.