Learning Hub

Blogs

Recent Blogs

Simplifying Regulatory Compliance and Reliability for Power Utilities with Voxtelesys' VAST Flow Builder

Simplifying Regulatory Compliance and Reliability for Power Utilities with Voxtelesys' VAST Flow Builder

Business Solutions
IT Integration
Call Center
Simplifying Regulatory Compliance and Reliability for Power Utilities with Voxtelesys' VAST Flow BuilderManaging customer interactions effectively is crucial for power utilities, especially in a highly regulated and reliability-focused environment. Clear and efficient communication is critical to complying with regulations and ensuring reliable service. Properly handling phone calls is a vital part of this process, and that's where the call flow builder from Voxtelesys comes into play. Learn More
VAST Flow Builder is Here: Unlock the Power of Workflow Automation

VAST Flow Builder is Here: Unlock the Power of Workflow Automation

IT Integration
Call Center
CCaaS
VAST Flow Builder is Here: Unlock the Power of Workflow AutomationIn the world of modern telecommunications, staying ahead means constantly innovating and optimizing how you manage customer interactions.We’re thrilled to announce that the VAST Flow Builder, a tool designed to take your workflow automation to the next level, will officially launch on September 16th. If you’ve been searching for a solution that rivals the capabilities of Twilio Studio but offers even greater flexibility, customization, and affordability, look no further. Learn More
Get Ready for VAST Flow Builder: Revolutionizing Workflow Automation

Get Ready for VAST Flow Builder: Revolutionizing Workflow Automation

Business Solutions
IT Integration
Call Center
Get Ready for VAST Flow Builder: Revolutionizing Workflow AutomationIn today’s fast-paced business environment, automating and optimizing workflows is critical to maintaining a competitive edge. We are excited to introduce the VAST Flow Builder. This tool will make your complex telecommunication processes more manageable. Learn More

Popular Blogs

3CX Version 20

3CX Version 20

Call Center
SMB
PBX
3CX Version 20Take advantage of our offer: No setup fees will be charged for upgrading to 3CX V20 with Hosting by Voxtelesys until March 2024! - 2 Core, 2 GB All 3CX's hosted by Voxtelesys come standard with a minimum of 2vCore and 4GB's of memory, so no worries here. - Sufficient Disk Space needed. Ensure a minimum of 5 GB of free disk space - The source list must remain unaltered for a successful upgrade; any modifications will result in failure Remove any additional source lists. If you are utilizing Microsoft Azure, verify by checking "cat /etc/apt/sources.list.d/microsoft-prod.list." Learn More
3CX's Latest Release: Geo-Routing Headers Take the Lead in Dynamic E911 Integration

3CX's Latest Release: Geo-Routing Headers Take the Lead in Dynamic E911 Integration

3CX
911
Calling
3CX's Latest Release: Geo-Routing Headers Take the Lead in Dynamic E911 Integration3CX is leading the telecommunications industry with its new release, v20, which features an innovative integration of Dynamic E911. The main change in this update is that 3CX has decided to use geo-routing headers. This move simplifies the process and enhances the reliability and efficiency of emergency call routing. Learn More
Host Your 3CX with Voxtelesys

Host Your 3CX with Voxtelesys

Business Solutions
Call Center
Hosted
Host Your 3CX with VoxtelesysEffective communication is the cornerstone of success in today's fast-paced business environment. As organizations strive to enhance their telecommunication infrastructure, 3CX emerges as a leading CCaaS solution, offering flexibility, scalability, and powerful features. Partnering with Voxtelesys, a renowned name in telecommunications, provides premium hosting and support for your 3CX setup, ensuring seamless, secure, and superior business communication. Why Choose 3CX? 3CX is an open-platform, software-based PBX system that delivers voice calls, video conferencing, live chat, and SMS. It's designed for businesses of all sizes, helping to reduce communication costs, improve customer experience, and boost productivity. The Voxtelesys Advantage offers unmatched reliability, optimized performance, enhanced security, scalable solutions, and expert support, ensuring your 3CX system effectively addresses voice communications' unique demands effectively. With Voxtelesys, transitioning to or upgrading your 3CX system is seamless, providing a robust, reliable, and efficient communication system that is essential in the digital age. Hosting your 3CX with Voxtelesys gives your business a competitive edge, transforming how your organization connects, collaborates, and thrives. Learn More
Home / Learning Hub / Blogs / Increase in DDoS Attacks on VoIP CarrierFAQs
Increase in DDoS Attacks on VoIP Carrier
Customer Experience
Business Solutions
SIP/VoIP

Attacks against VoIP services have been growing since 2013. In September 2021, DDoS attacks were launched against VoIPms, Bandwidth, Twilio, and Telnyx. A few months later, an attack was launched against UK-based VoIP service provider VoIP Unlimited. The attackers used the same malware in all these attacks. Threat actors' aim seems to be to extort money from companies. Attacks seem to be coordinated internationally.

VoIP service providers are being targeted by cybercriminals who use DDoS attacks to disrupt business by causing outages of the VoIP, Cloud, and IP Infrastructure. The signs that your Provider may be experiencing such an event; are failed calls, API and Portal latency/time-outs, and/or delayed messages until the attack stops. These attacks are more sophisticated than ever, using reflection/amplification, layering, and adaptation or "Volumetric Attack." Additionally, threat actors use of bot networks in conjunction with unsecured Services like DNS and spoofed IP addresses making the attack appear as if it came from many different locations and attack vectors. A truly global event.

A successful DDoS attack against a VoIP provider's services can significantly affect the ability to provide critical products and services, such as emergency response, medical care and other essential functions.

High-volume DDoS attacks can disrupt the entire network. Collateral damage includes shared resources such as servers, routers, switches, and other equipment. Compounding this is that many providers host their infrastructure with companies like Amazon AWS and Google GCP, which contracts allow them to blackhole the offending services and protect the network. We saw this with companies like VoIPms and Telnyx.



Attack Vectors

Mitigating DDoS attacks is not a simple accomplishment. Adding a simple filter or rate limit to your firewall won't cut it. SIP floods are usually the first attack vector used by attackers. SIP flood attacks are very effective because they overwhelm the target system without requiring much effort or money. Due to bottlenecks in databases, complex systems authentication mechanisms, media servers "running out of ports," CPUs and/or memory used to handle SIP sessions exceed available resources. Malformed SIP messages cause errors, filling up logs, or logging servers. SIP over TCP or SSL vulnerable file descriptor exhaustion attacks and rate limiting does not prevent these attacks. If you survive the SIP flood, there is a second vector.

Illustration of a DDoS attacker

Volumetric Attacks are effective simply due to the nature of VoIP and its reliance on UDP. The Volumetric Attack reported by Bandwidth reported trillions of packets per second and bandwidth requirements above 200Gbps. Even if you can handle this, your edge upstream will have issues causing them to blackhole the destination network to protect the overall health of the upstream network.



Mitigation

The solution to this issue is simply Cloudflare, to be more specific, their Magic Transit product. Voxtelesys has no inside knowledge of what was done by the affected carriers; we can only surmise based on the effect and resolution. During the attacks in 2021, it started with VoIPms, which spoke about using an entirely cloud-based solution. We love the premise and commitment their development makes to the solution. Unfortunately, during the multiple weeks of that event, we saw epic trolling by competitors that were less than gracious to their toil.

VoIPms was at a disadvantage for three reasons. First, every cloud hosting vendor has a clause that allows them to blackhole any traffic it deems destructive; unfortunately, that meant UDP. Second, any shared resource within a cloud solution is only profitable if its means of consumption can be leveraged, leaving little to no incentive for the cloud hosting provider to fix. Third, they may not have been the first, but they were the most public; carriers after them could learn from their success and failures.

We then saw Bandwidth get hit. Bandwidth was the most successful mitigating out of the gate; they were prepared with DDoS Mitigation Multiple IP peerings. But in the end, they fell to the attack. The effect on Bandwidth was not a complete outage as in the case VoIPms the 200Gbps at the upstream IP peering took them down. A few weeks later, it was Telnyx's turn. Telnyx utilizes AWS anyCast network for its front-end services. As noted with VoIPms cloud provider will blackhole any traffic considered detrimental to the stability of the network. Cloudflare was the solution in all three cases; the issue lies in the vast amount of traffic sent and the saturation of their IP networks. Cloudflare mitigated the attack at the edge of their network, blocking traffic as close to the source as possible.



Conclusion

It is evident that during the attacks, carriers that relied heavily on 3rd party cloud hosting to deliver services and did not have DDOS mitigation through Cloudflare magic transit were at a disadvantage in resolving issues. It is fortunate that Bandwidth and VoIPms worked as diligently as they did to resolve the DDoS event. Due to their efforts, the rest of our industry saw our path forward. As a Carrier, we always fear the failure of our infrastructure. We never like to see others struggle, and when we see a large Carrier like Bandwidth go down, it affects more than Bandwidth customers; our customers cannot reach businesses that rely on Bandwidth. Voxtelesys never wants to earn a customer because of a DDoS attack; we want to earn a customer because we provide superior service and support.



Sources


General Information


VoipMS


Bandwidth


Bandwidth Resellers

US and Canadian carriers such as:

  • Crosstalk SIP
  • ClearlyIP
  • voipms
  • Accent
  • RingCentral
  • Twilio
  • DialPad
  • Phone.com

Telnyx


Iristel


Connect with Voxtelesys on Facebook, X, or LinkedIn.

Voxtelesys is your 3CX Titanium Partner & Preferred Carrier. We have your back!

Voxtelesys has everything your business needs get your communications up to date! Business phone system, PBX hosting, SIP trunking, SMS messaging, video conferencing and more. Click here to get started.