Emerging Threat: Telephone Denial of Service (TDoS)


TDoS attacks overload the telephone network, preventing legitimate telephone calls from being placed or received. Attacks against SLTT emergency lines, primarily at public safety answering points (PSAP) such as 9-1-1 centers, but also including utility department emergency numbers and other emergency numbers, remain a continuing threat. There is a relatively low risk of TDOSes occurring, however an attack against a PSAP could endanger emergency responders and citizens if the TDOS prevents them from contacting the PSAP. There are three known variants of this fraud, each with slightly different objectives:

Direct financial gain: These calls may target the employee at work or the organization where the employee works or worked. The attacks begin with a variant of the payday loan scam, in which callers harass their victims about repayment of a payday loan the victim purportedly took out. In these cases the callers claim the department employee took out a payday loan and the callers demand the department repay the loan on behalf of their employee. Many of the victims claim they never applied for and/or received a payday loan. The TDOS occurs after the initial demand for money.

Indirect financial gain: The second variant of the TDOS occurs during financial fraud schemes. In this case the victim of the financial fraud is the recipient of a TDOS attack, preventing the financial institution from confirming a suspicious wire transfer or Automated Clearing House (ACH) transaction. When the financial institution is unable to confirm the transaction, the transaction occurs, and the TDOS prevents the victim from learning about the transaction until it is too late to recover the money. For this reason, TDOS victims should immediately contact their financial institution to cancel any pending transactions, in addition to implementing other TDOS countermeasures.

Unknown cause: Some TDOS incidents, particularly those targeting PSAPs and emergency telephone lines do not involve a demand for money or any other obvious benefit. The objective of these attacks is currently unknown.

For more information, see http://krebsonsecurity.com/tag/telephony-denial-of-service-attack/.

IACP Conference