July 15, 2019

July 15, 2019

Subscribe to Latest Legal News and Analysis

July 12, 2019

Subscribe to Latest Legal News and Analysis

Cybersecurity Warning Bulletin: Telephony Denial of Service Attacks Continue With Current Focus on Healthcare

Cyber criminals continue to conduct Telephony Denial of Service (TDoS) attacks to extort money from businesses and governments that rely heavily on telephones. In a TDoS attack criminals flood a victim’s telephone lines with fake calls that makes it impossible to use their telephones. The criminals then demand payment to stop the jamming calls and make the phone lines functional again. The FBI reports that the current focus of TDoS attacks is the Healthcare and Public Health Sector. At least one instance has been reported where the 9-1-1 Public Safety Access Point (PSAP) communications of a hospital were disabled. This is obviously a very serious situation and victims are encouraged to report these crimes to the FBI immediately.

Ralph LoseyThis kind of extortion tactic is an outgrowth of more traditional Denial of Service attacks (DoS) attacks where computer hackers bring down websites and render them in accessable by flooding them with fake visitor and pings. With this relatively new kind of telephone based attack, cyber criminals used faked or spoofed telephone numbers, or untraceable assigned IP addresses, to make these calls. This makes it far more difficult for law enforcement to track. Due to the ease of TDoS attacks on vulnerable systems, and the ease of evading detection, the FBI expects an increase of TDoS attacks. Moreover, the attacks are likley to expand to other industries that rely heavily on telephone lines. Be forewarened and be prepared.

If you are a victim of this kind of attack. Do not pay the extortion. There is no guaranty the criminals will not attack again and demand more. Report all such attacks to your local FBI office and otherwise take steps to secure all of your lines of communication, cyber-based and telephone-based, from black-hat hacker attacks. Cybersecurity should be part of everyone business.

Jackson Lewis P.C. © 2019


About this Author

Ralph C. Losey, Jackson Lewis, Trial E-Discovery Lawyer, Discovery Best Practices Attorney

Ralph C. Losey is a Principal in the Orlando, Florida, office of Jackson Lewis P.C. He serves as the firm’s National e-Discovery Counsel.

Mr. Losey has served for years as an Adjunct Professor at the University of Florida’s College of Law, teaching e-discovery. He is also the co-founder of the IT-Lex foundation and the Electronic Discovery Best Practices group (EDBP.com). Mr. Losey is a frequent speaker at e-discovery conferences and CLEs around the country and a leading contributor in the field of legal search, including...