Cybersecurity Warning Bulletin: Telephony Denial of Service Attacks Continue With Current Focus on Healthcare
Cyber criminals continue to conduct Telephony Denial of Service (TDoS) attacks to extort money from businesses and governments that rely heavily on telephones. In a TDoS attack criminals flood a victim’s telephone lines with fake calls that makes it impossible to use their telephones. The criminals then demand payment to stop the jamming calls and make the phone lines functional again. The FBI reports that the current focus of TDoS attacks is the Healthcare and Public Health Sector. At least one instance has been reported where the 9-1-1 Public Safety Access Point (PSAP) communications of a hospital were disabled. This is obviously a very serious situation and victims are encouraged to report these crimes to the FBI immediately.
This kind of extortion tactic is an outgrowth of more traditional Denial of Service attacks (DoS) attacks where computer hackers bring down websites and render them in accessable by flooding them with fake visitor and pings. With this relatively new kind of telephone based attack, cyber criminals used faked or spoofed telephone numbers, or untraceable assigned IP addresses, to make these calls. This makes it far more difficult for law enforcement to track. Due to the ease of TDoS attacks on vulnerable systems, and the ease of evading detection, the FBI expects an increase of TDoS attacks. Moreover, the attacks are likley to expand to other industries that rely heavily on telephone lines. Be forewarened and be prepared.
If you are a victim of this kind of attack. Do not pay the extortion. There is no guaranty the criminals will not attack again and demand more. Report all such attacks to your local FBI office and otherwise take steps to secure all of your lines of communication, cyber-based and telephone-based, from black-hat hacker attacks. Cybersecurity should be part of everyone business.