Telephony Denial of Service (TDoS)

Telephony Denial of Service (TDoS) attacks are variants of traditional DoS attack. Without centralized Telecom or network management, TDoS malicious exploit attacks successfully disable telephone system (or systems) and make them unavailable to the intended user(s) by preventing incoming and/or outgoing calls. TDoS sees an attacker successfully consuming all enterprise or remote worker available telephone resources. TDoS ranges from brute force flooding to stealthy targeted attacks on a specific SIP entity.

TDoS examples include:

• contact centers
• high network officials
• public ranked personas
• celebrities
• government agencies
• critical public infrastructure services.

There are two primary TDoS attacks:

• large scale volumetric style of attacks flooding the VOIP network
• stealthy style attacks targeting a specific target entity such as CEO phone, contact center agent, 911 critical service or an Interactive Voice Response (IVR) system.

Internet SIP networks create a global all IP based network with attackers sitting anywhere in the world with minimal resources to cause disruption, theft of service or harvest of user credentials. The Department of Homeland Security (DHS) recently issued a warning on the rising TDoS threat. DHS also offered basic detect and remediate procedures such as authenticating callers and detect call spoofing. These approaches are closely followed by RedShift Networks.

RedShift Networks works with global carriers and enterprises to fight TDoS attacks through patented technology. This real-time remediation approach deploys a SaaS combination of behavioral analytics, time series data, UC aware state machines, scoring engines, historical data and global threat intelligence to precisely identify and thwart TDoS attacks.