Massive DDoS Attacks a Growing Threat to VoIP Services

. What's this?

By Ellen Messmer

October 04, 2011Network World — ORLANDO, Fla. -- When the massive distributed denial-of-service (DDoS) attack in March brought down the voice-over-IP (VoIP) call processing supplied by TelePacific Communications to thousands of its customers, it marked a turning point for the local-exchange services provider in its thinking about security.

The massive DDoS attack came blasting in from the Internet in the form of a flood of invalid VoIP registration requests. The attack resulted in widespread service disruptions for a number of days in late March and cost the company hundreds of thousands of dollars in customer credits. After the attack was over, the facilities-based services provider, based in California and Nevada, took steps to boost security measures to seek to prevent any similar occurrence again, said Don Poe, vice president of network engineering at TelePacific Communications, which provides the VoIP "Smart Voice" service to thousands of customers.

MORE ON VOIP SECURITY: Botnets, cloud computing may be fuelling attacks against VoIP

But Poe, who spoke out about the massive DDoS attack during a presentation he made at the fall 2011 Comptel Plus Conference here, said he was sharing details about the attack because the pace of many types of DDoS attacks appears to be growing and the telecommunications industry isn't sharing information about them as well as they might for the common good.

TelePacific, he said, sees a multitude of daily scans against its network, and low-level attacks can occur about twice a day. But the services provider had never before seen what happened in the March period when the normal level of 34 million SIP traffic registration requests for VoIP connections suddenly shot up to 69 million and "flooded our systems," he said. "There was no calling ability."

Comptel, the industry trade group for competitive communications services providers and their suppliers, says it does believe its membership is seeing an uptick in DDoS attacks and that's why it scheduled the session panel on the topic that included Poe; Stacy Arruda, a supervisory special agent and cybercrime supervisor at the FBI; and Patrick Gray, principal security strategist at Cisco.

In recounting the DDoS event against his company's VoIP service, Poe said he did contact the FBI to report the attack, but he found out that TelePacific simply did not have the necessary event-analysis information that the FBI needed to be able to successfully pursue a case. "We were not prepared," he said. "We didn't capture enough information." That situation has been rectified with new data-capture systems, he adds.

Originally published on www.networkworld.com. Click here to read the original story.
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER