TDoS - Telephony Denial of Service
What is Telephony Denial of Service?
You may have seen reports of DDos attacks in the news, where bad actors flood data systems with bogus traffic to overload and paralyze major businesses.
Well, Telephony Denial of Service (TDos) attacks are similar, but they target your voice systems.
Can you afford that kind of downtime?
Common TDoS Attack Profiles
Thanks to automation, Telephony Denial of Service attacks are easy to generate and don't require a high volume of malicious calls to wreak havoc.
come from a single origination point and sometimes use spoofed phone numbers. Small organizations are the most targeted, since they rely on critical voice lines but may have limited resources to respond quickly.
fly under the radar using spoofed numbers, which are tough to spot for small and large companies alike.
Distributed & Complex Attacks
employ sophisticated spoofing technology with calls appearing to originate from all over the country. Large companies that can't afford to lose legitimate callers are most at risk. In this scenario, early detection is mission-critical.
The textbook approaches to fighting Telephony Denial of Service / TDoS Attacks are simply not enough for the modern age.
Organizations that use SIP Trunking (many users sharing a few communication paths) often rely on Session Border Controllers (SBCs) for basic blacklist and whitelist capabilities. But SBCs were not built to handle large-scale, automated floods of traffic.
Your Voice Service Provider may have some basic security tools, but capabilities vary greatly provider to provider. Plus, response times won't be enough to protect your business operations from disruption.
SecureLogix's solutions can be deployed in both SIP and TDM networks, and it integrates well with common network infrastructures. We support both large and small sites, and use nimble policies for detection and mitigation.
Better yet, newly built business rules and policies are fed by call attributes and SIP signaling attributes, without impacting underlying software.
- Cloud-based deployment
- Call-control options
- Supports semi-static and dynamic white and black lists
- Customizable network queries on source number, number type checks, call authentication, etc.
- Accommodates industry regulatory requirements without changing software
Industries at Increased Risk of Attack
Are You a Target?
Does your business rely on voice and data lines daily? If voice networks are mission-critical, so is voice security.
A U.S. nation-wide banking institution experienced call pumping attacks in the form of thousands of calls into the bank’s 1-800 contact center numbers.
A large, U.S. regional banking institution was the target of several Telephony Denial of Service (TDoS) attacks, resulting in the loss of all telephone/voice services across multiple retail branch locations for an extended period.
A large regional financial institution and its customers were victims of phone-based financial fraud and account takeover attacks inside the bank’s national contact center operation.
A nation-wide healthcare corporation was receiving urgent, weekly reports of Telephony Denial of Service (TDoS) attacks from many of its more than 250 member hospitals across the U.S.
An international financial credit rating organization discovered that there were plans to use social media to organize a flash-mob Telephony Denial of Service (TDoS) attack against its voice systems and services.