DDoS Attacks Impacting VoIP Phone Systems

Communications are of paramount importance in today’s business world. With the advancement of technology such as cell phones and the internet, instant and quick communication is a must. 

Voice over Internet Protocol (VoIP) phone systems brings benefits only dreamed about in earlier years. Using VoIP, you may answer your office phone calls from your home, a coffee shop, or even on the golf course. You can get your voicemails sent to your email, and all you have to do is simply click them to listen to them. Many businesses and organizations now your VoIP phones systems. 

In recent days, a new cyberattack has taken root. Bandwidth is “a provider of communication APIs and services tailored to meet the needs of business users and developers wishing to build voice calling, text messaging, or 9-1-1 call connectivity into their software and applications (GetApp).” Bandwidth has been suffering from continuous Distributed Denial of Service (DDoS) attacks, impacting downstream VoIP providers as well. 

What are DDoS attacks?

Distributed Denial of Service (DDoS) attacks take advantage of a network’s capacity limits. A network’s resources, web servers, for example, have a limited number of requests that they can service at any one time. Also, the channels that connect the servers/resource to the internet have a limit on their capacity/bandwidth (no pun intended). Once the number of requests exceeds the capacity of the network, the services begin to suffer. 

Recently, the frequency of DDoS attacks has increased. With the increase in frequency, we have also seen an increase in DDoS attacks have a ransom demand attached to them, asking for a specific dollar amount to make the Docks stop.

Previous attacks on VoIP providers

Bandwidth is not alone, as many in the telephony industry have been targets lately. In early September, VoIP Unlimited and Voipfone, two Internet and Telephony Services Providers (ITSP) based in the United Kingdom were targeted by the REvil ransomware gang (learn more about ransomware in our article “What is Ransomware and Why You Should be Aware of It”). REvil demanded a large ransom from the ITSP to stop the attack. 

Also receiving a ransom demand after falling victim to a DDoS attack in mid-September was VoIP.ms. VoIP.ms is a Quebec-based ITSP, and the DDoS attack caused a large disruption in services. 

The Bandwidth DDoS attack

At 3:30 P.M. EST on Saturday, September 25th. Bandwidth began experiencing service disruptions from the DDoS attack. Per Bandwidth updates, the DDoS attack has caused outages to hit their voice, messaging, enhanced 911 services, and access to their portal.

As a leader in telephony provider to US VoIP companies, many VoIP vendors have experienced outages since the Bandwidth DDoS attack began, citing the cause to an unidentified upstream provider. Many have also noted that a large telecommunications company is operating in emergency mode. 

Bandwidth has not confirmed if a ransom has been demanded of them to stop the DDoS attack or not. 

Do you use a VoIP phone system? If so, have you experienced any issues?