DDoS Attack Disrupts VoIP and Internet Services at Voipfone UK UPDATE3 | #cybersecurity | #cyberattack

Customers of both Voipfone’s UK business broadband and Voice-over-Internet-Protocol (VoIP) services are reporting to ISPreview.co.uk that the provider has suffered significant service disruption for the past day or two, which appears to be at least partly the result of a Distributed Denial of Service (DDoS) assault against their systems.

The problems appear to have started yesterday after the operator’s Service Status page “identified a further DDoS attack” against their network, which at the time of writing remains unresolved. Today, the provider’s broadband services have also been “partially” disrupted (since just after 10am), with Voipfone noting “reports of issues accessing some websites,” although it’s unclear whether this relates to the wider DDoS issue.

DDoS attacks typically work by overloading a target server or end-user with masses of data requests from multiple internet-connected devices (often malware hijacked computers / botnets etc.), which can cause the intended target to crash or suffer significant performance problems until the bad traffic stops. Such attacks may also expose other weaknesses that hackers can exploit (or even blackmail), such as happened to TalkTalk in 2015 (here).

Sadly, DDoS attacks occur against UK ISPs all the time and are practically par-for-the-course in this business, but most can be mitigated and few are ever significant enough to disrupt connectivity for lots of end-users. In many cases, these incidents often aren’t an attack against the ISP itself, but rather somebody targeting a specific customer or upstream network provider.

As I write this, Voipfone has just announced that the broadband side of “this incident has been resolved” (here), although sadly the wider issues with DDoS and VoIP appear to be ongoing (here). Suffice to say that there are quite a few customers complaining about their phone services being down, particularly on Twitter. The provider’s last update on that specific issue was posted 6 hours ago.

UPDATE 8:54am

Shockingly, Voipfone has not been able to issue a service status update on the DDoS related phone/voip outage in 22 hours. Since yesterday’s article we’ve also had bags of emails and comments from both consumers and businesses, including some broadband ISPs, that are dependent upon the provider’s platform and have now been left without voice comms for a significant period of time.

On top of all this, we’ve noted that a second broadband and VoIP provider, VoIP Unlimited, is also being impacted by a similar DDoS attack (here). But unlike Voipfone, they were able to issue a service status update at 8am this morning: “Services are operational this morning however the attacks are still ongoing. We will update here as soon as there are any changes. Please do not hesitate to contact us on 01202612000 or via a ticket on our support portal: portal.voip-unlimited.net should you have any issues. Thank you for your patience.

The situation is helping to highlight one of the new challenges with switching from the old analogue copper phone network and on to an all-IP platform. Providers of VoIP solutions will need to invest more to ensure resilience, particularly as this sort of event can also disrupt access to the emergency services and Ofcom won’t be happy about that.

UPDATE 10:40am

A spokesperson for Ofcom told ISPreview.co.uk: “We’re aware that Voipfone is experiencing problems with its network, and we’re contacting them to establish the scale and cause of the problem as soon as possible.”

UPDATE 4:19pm

The MD of Voip Unlimited has revealed to The Register that the DDoS appears to be part of a “planned and organised DDoS attack” against VoIP companies in the UK by a Russian-based “criminal hacking organisation called REvil“, which they say has come attached to a “colossal ransom demand.”

Voip Unlimited’s latest service status update, which was posted at 4pm, said: “The DDoS attack is continuing, however, Voip unlimited engineers have observed a further large-scale wave of attacks this afternoon. We are working to mitigate and we will continue to monitor as usual.”

Meanwhile, over at Voipfone, a new update was posted at 2:37pm, but it doesn’t really say anything new: “Our team continue to work tirelessly to fix the issue that’s disrupting our services, we really do apologise for the inconvenience this may be causing you. The messages of support and understanding that we’ve received from our customers, really is overwhelming and very much appreciated. We will continue to post updates as things develop.”

However, some Voipfone customers have recently noted a return of their service, at least for the past couple of hours.

Original Source link

Posted in Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

fifty six − 52 =