Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Bandwidth.com is a VoIP services company that is providing voice telephony over the Internet to businesses and resellers.
VoIP (Voice over Internet Protocol) is a technology that turns a human’s voice into an electrical signal, enabling calls from a computer, a VoIP phone, or other data-driven devices. To put it another way, VoIP represents phone services offered over the internet.
What Happened?
Bandwidth.com is the latest victim of the distributed denial of service attacks that kept on targeting VoIP providers.
The company reported the fact they were experiencing unexpected failures with their voice and messaging services.
Bandwidth is investigating an incident impacting Voice and Messaging Services. Calls and Messages may experience unexpected failures. All teams are actively engaged.
Since then, Bandwidth.com has issued regular status updates documenting problems affecting phone, Enhanced 911 (E911) services, messaging, and portal access.
Many additional VoIP suppliers, including Twilio, Accent, DialPad, Phone.com, and RingCentral, have experienced outages in the last few days, taking into account the fact that Bandwidth is one of the top telephony providers for US voice over IP firms.
While it is unclear whether these failures are connected to Bandwidth’s service disruption, all of the providers previously mentioned have indicated that their problems are due to another upstream provider.
The upstream provider has indicated that service has returned to normal operation. We will continue to monitor this situation and report any new information as it becomes available. Customers should be prepared for potential impairments of inbound services within 12-16 hours as the potential exists for this DDoS attack to return. We will not close this issue until services have returned to the normal operation for a period of 72 hours.
Initially Twilio declared for BleepingComputer that they were not affected by the attack against Bandwidth, but their status page states that they had issues with Bandwidth today.
Monitoring – We are observing recovery in Twilio Voice call quality and connection issues. Bandwidth is reporting the issue resolved as well. We will continue monitoring the service to ensure a full recovery. We will provide another update in 2 hours or as soon as more information becomes available.
Not the First VoIP Attack of the Month
Recently VoIP.ms suffered a week-long DDoS attack that managed to take down almost all of their services and portals, leaving their customers without voice services.
This attack was an extortion DDoS attack in which the threat actors impersonating the ransomware group ‘REvil‘ initially demanded one bitcoin ($45,000) to halt their attacks but later increased it to 100 bitcoins ($4.5 million).
@voipms
ok, enough communication
The price for us to stop is now 100 Bitcoin into the pastebin BTC addressI am sure your customers will appreciate your 0 fucks given attitude in multiple law suits
REvil
— REvil (@REvil92457183) September 18, 2021
In order to conduct DDoS attacks, the threat actors overwhelm servers, portals, and gateways by sending more requests than can be handled and in this way making the targeted devices and servers inaccessible to anyone else.
Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.
