4 Steps to Preventing a TDoS Attack Before it Cripples Your System
January 9, 2019
The risk of a Telephone Denial of Service (TDoS) attack is on the rise, and no business is exempt from this security nightmare. While phone spam is not a new threat to businesses, risks to your communication systems have evolved.
Today's hackers are using sophisticated malware to infect smartphones and flood the phone systems of agencies or companies with spoofed phone calls, resulting in phone line unavailability for legitimate callers.
The growth of TDoS is so concerning, the FBI and Department of Homeland Security (DHS) have issued warnings to businesses about this risk. If a telephone-based DOS attack targets your organization, you may suffer consequences that are even worse than phone system downtime. TDoS attacks can be used as a "smokescreen," or distraction from other information security threats against your network. Increasingly, TDoS targets also face extortion demands to pay a ransom to stop the attack.
While the Internet Crime Complaint Center has received thousands of reports about TDoS attacks, there have only been a few convictions to date. TDoS attacks equally impact every kind of phone system, regardless of whether a business is using traditional phone technology, premises-based systems, or voice-over-IP (VoIP) telephony. To protect your brand, it’s time to determine your risk level, evaluate solutions, and create a plan for response.
4 Steps to Preventing a TDoS Attack
Nearly 7 out of 10 technology executives (67%) believe their business will undoubtedly fall prey to a security attack in 2019. Distributed denial of service (DDoS) attacks targeted at IP addresses and TDoS attacks are two of the fastest-growing categories of cybercrime. One of the reasons these categories of crime are becoming more prevalent is that it's now cheaper and more accessible than ever for hackers to launch a denial-of-service attack.
"The underlying enabler for TDoS attacks is the ability to use automation to cheaply and easily generate hundreds or thousands of simultaneous calls" states a DHS fact sheet.
It can be difficult to initially detect or prosecute TDoS crime because it's also relatively simple for cybercriminals to spoof inbound calling numbers. Malware and skilled human services used for TDoS and DDoS attacks are openly sold in criminal forums on the dark web at costs as low as $10 per hour. Developing a formal strategy to protect your business is imperative.
Related Reading: How to Evaluate DDoS Prevention Services
1. Determine Your Risk Level
Your business is at the most significant risk of suffering a TDoS attack if you are in the government or public safety sector. According to a recent statement by the Department of Homeland Security, "911 emergency call centers and other critical service providers" have been among the most frequent targets of malicious calls. However, this attack pattern also poses "significant risks to banks, schools, hospitals" and businesses in other industries.
If your business relies on telephones for communications, you're likely at risk of being targeted by a flood of automated calls. Your risk is most likely highest if you work in public safety, where the consequences are also more severe due to citizens being unable to contact emergency services. A TDoS attack can be critically damaging for organizations in any industry due to customer frustration, downtime costs, and reputation damage.
2. Explore Solutions
Today’s most sophisticated criminal actors are deploying malware-infected botnets of phones to hammer businesses and agencies with automated calls. TDoS attacks are relatively easy for hackers to generate. According to SecureLogix, they may take one of several forms:
- Simple Attacks: Originating from a single phone line, sometimes using a spoofed number. Simple attacks most frequently target small businesses.
- Complex Attacks: Distinguished by the use of spoofed numbers, this category is difficult to detect using analog methods.
- Distributed Complex Attacks: Characterized by the use of sophisticated spoofing malware to flood businesses with calls from many geographic points of origin.
Any of the three main categories of TDoS attacks can present risks to organizations. The recent growth in malicious calls and telephony spam has been described as "insane" by the Federal Communications Commission (FCC), who estimated 50 percent of all calls are robocalls. Organizations of all sizes should begin exploring comprehensive solutions for TDoS response and mitigation:
- Ask your telephony provider what services they provide to monitor and respond to a TDoS attack.
- Train employees on security best practices to monitor for TDoS attack risks and other phone-based security attacks, such as phone-based phishing attempts.
- Consider obtaining call recording software to provide evidence to law enforcement of threatening or abusive calls. Create flexibility for communications in case of denial of service attacks, such as mobile smartphones or a virtual PBX which can quickly add lines.
- Use strong phone system passwords which are difficult to crack to reduce the risks that your lines are hacked and used for a TDoS attack against another business or agency.
- Develop methods for tracking inbound phone call data, including time and date stamp, the incoming calling number, and geographic origin of the call.
3. Consider a Local Provider as a Trusted Advisor
Does your business need to consider hiring a local business phone service provider to offer TDoS prevention services? Perhaps. If your company operates in a high-risk industry, such as government, public safety, or finance, you may be at unusually high risk of suffering from a distributed, complex TDoS attack.
The decision about whether you can benefit from 3rd-party TDoS expertise should be made based on your risks, including the threats to your bottom line if your phone lines are unavailable for an extended period. A trusted communications provider can help your organization assess its unique risks, create redundant communications systems, and monitor for an attack.
According to Gartner research, the average cost of downtime for a small-to-midsized business is $5,600 per minute. If a TDoS attack smokescreens other hacking activity, you may suffer a data breach. The average cleanup cost of an information security incident in 2018 with data loss was $3.86 million.
Partnering with a local provider can offer access to some of the leading TDoS mitigation solutions, such as SecureLogix or TransNexus, which are industry-leading options exclusively resold by telecommunications companies. Cloud-based tools for TDoS prevention can offer a significant advantage over analog methods for attack detection and response by providing call control options, number blacklisting, call authentication, and source checks.
4. Take Action and Prepare a Response Plan
Suffering a DoS attack could be inevitable, especially if your business operates in a high-risk industry. Regardless of the solutions you pursue, your company should incorporate TDoS response planning into your official business continuity plan. According to Ponemon Institute research, firms who can quickly respond to a security incident and contain the damage can save 26 percent or more on the total cleanup costs of the event.
If a TDoS attack hits your business, there are a few steps you can take to mitigate the damage.
- Limit the phone lines that can be swamped by the TDoS attack, using no-answer functionality if possible.
- Communicate the disruption to your customers via social media and email.
- If possible, add new lines to your private branch exchange (PBX) phone system to handle customer communications during the attack.
- Actively monitor network security to determine whether the TDoS attack is meant to distract from other hacking events.
- Report the incident to your local police force, the National Cybersecurity and Communications Integration Center, and the Internet Crime Complaint Center.
TDoS Attack Prevention in the Washington, D. C. Area
The most critical step to TDoS attack prevention in the Washington D.C. area is understanding that all organizations and industries are vulnerable to being targeted, and this form of attack is on the rise. Your business should understand the limitations of manual prevention methods, and consider working with a local phone system provider to automate TDoS prevention.
Atlantech Online has been a trusted provider of secure business communication solutions in the greater D.C. metro area, Maryland, and Virginia since 1995. During our decades in business, we’ve established a trusted track record of providing superior technology and service to our clients in multiple industries. We offer an extensive menu of add-on options for Washington DC agencies and businesses, including TDoS/DDoS prevention and call recording. Click here to start a conversation about how a TDoS attack affects your business and how to prevent one today.