Comment from Webroot: Cyber-attack hits UK internet phone providers
October 2021 by Matt Aldridge, Principal Solutions Consultant, Carbonite Webroot
According to an industry body, an "unprecedented" and coordinated cyber-attack has struck multiple UK-based providers of voice over internet protocol (VoIP) services. Industry body Comms Council UK said several of its members had been targeted by a distributed denial of service (DDoS) attacks in recent weeks.
The comment from Matt Aldridge, Principal Solutions Consultant, Carbonite + Webroot:
“We have seen a steady increase in DDoS extortion attacks against VoIP providers in recent times. They are an ideal target for criminals, as their services rely on a consistent experience for their users at all times during a call, so any instability in service delivery has a huge impact on their customers. It is critical for VoIP providers to put in place a robust DDoS mitigation strategy, and this will probably need to include taking measures to move traffic dynamically between servers and regions of their service delivery, as well as to mask the IP addresses they are using as service endpoints and tunnel the VoIP traffic, in order to pre-empt and sidestep huge denial of service attacks such as these. VoIP protocols were not designed with such abuse in mind, so this is very challenging for the service providers.”