Cyber criminals seem to be tying up emergency phone lines with phone-based DoS efforts, security experts report. Actually, TDoS has become a common weapon of annoyance and to extort cash from the targeted outfits, which are normally businesses and public service agencies.
According to the security experts, telephone DoS attacks use high volumes of automated calls in order to tie up target phone systems and halt both incoming and outgoing calls. Thus far, there have been plenty of such attacks, with their targets being mostly the administrative public safety answering point lines, but fortunately not the 911 emergency line. The point is that such offices were targeted because the attackers needed functional phone lines to carry out their attacks.
In the meanwhile, statistics reveal that many telephone-based attacks have targeted different businesses and public entities – for example, the financial sector, – as well as other public emergency operations interests, like air ambulance, ambulance and hospital communications.
So, what is the purpose of the attack? It seems that the attackers want to be paid protection money by the target entities. The scam scheme is quite simple: it normally starts with the companies getting a call from some “representative” of a purported payday loan company. During the conversation, a caller, in most cases speaking in a strong accent, demands payment of around $5,000 for an outstanding debt. After the caller is refused by the company, the perpetrator starts phone-based attacks, which can last for a few hours. Such attacks may stop for a while and then resume. Normally, once an entity is attacked, it might suffer random attacks over several weeks or even months.
In our days, the phone-based DoS attacks became so widespread because free IP-PBX software like Asterisk has become available. In addition, you can find online some computer-based call-generation instruments and easy-to-access SIP services. All this stuff makes it cheaper for the criminals to get their paws on such software and launch their extortion rackets even without much in the way of technical knowhow. Hopefully, the vital emergency services will remain unaffected by such scam efforts
According to the security experts, telephone DoS attacks use high volumes of automated calls in order to tie up target phone systems and halt both incoming and outgoing calls. Thus far, there have been plenty of such attacks, with their targets being mostly the administrative public safety answering point lines, but fortunately not the 911 emergency line. The point is that such offices were targeted because the attackers needed functional phone lines to carry out their attacks.
In the meanwhile, statistics reveal that many telephone-based attacks have targeted different businesses and public entities – for example, the financial sector, – as well as other public emergency operations interests, like air ambulance, ambulance and hospital communications.
So, what is the purpose of the attack? It seems that the attackers want to be paid protection money by the target entities. The scam scheme is quite simple: it normally starts with the companies getting a call from some “representative” of a purported payday loan company. During the conversation, a caller, in most cases speaking in a strong accent, demands payment of around $5,000 for an outstanding debt. After the caller is refused by the company, the perpetrator starts phone-based attacks, which can last for a few hours. Such attacks may stop for a while and then resume. Normally, once an entity is attacked, it might suffer random attacks over several weeks or even months.
In our days, the phone-based DoS attacks became so widespread because free IP-PBX software like Asterisk has become available. In addition, you can find online some computer-based call-generation instruments and easy-to-access SIP services. All this stuff makes it cheaper for the criminals to get their paws on such software and launch their extortion rackets even without much in the way of technical knowhow. Hopefully, the vital emergency services will remain unaffected by such scam efforts
No comments:
Post a Comment