Posted on September 29, 2021 at 8:04 AM
Distributed denial of services attacks have been on the rise in the past few months. Many companies have fallen victim to these attacks, with the latest one being Bandwidth.com.
Bandwidsth.com is a VOIP service provider, and it has now been added to the long list of VoIP service providers whom threat actors are targeting. Bandwidth’s attack happened this month, and it led to nationwide voice outages for several days.
Bandwidth Suffers DDoS Attack
Bandwidth is a voice over Internet Protocol (VoIP) service company that offers a wide range of services. Among the common services offered by this provider is voice telephony over the Internet to business entities and firms that want to resell.
Bandwidth suffered a DDoS attack that started on September 25. Following this attack, the service provider noticed that they were experiencing failures in voice and messaging functionalities. However, Bandwidth assured its users that it had a team on the ground that was actively looking into the matter.
Bleeping Computer first reported the Bandwidth DDoS attack on Monday. In the alert, Bleeping Computer stated that the issues being faces by Bandwith.com was because of a distributed denial-of-service attack that was now being routinely targeted at VoIP service providers.
On their status page, Bandwidth noted that “Bandwidth is investigating an incident impacting Voice and Messaging Services. Calls and Messages may experience unexpected failures. All teams are actively engaged.”
The DDoS attack on Bandwidth had a ripple effect on other VoIP service providers, given that Bandwidth is a leading telephony service provider in the US for other VoIP service companies. Hence, vendors who purchased telephony services from Bandwidth for resale also experienced outages that lasted several days. Among the affected companies include Accent, DialPad, Phone.com, RingCentral and Twilio.
The CEO of Bandwidth, David Morken, acknowledged this DDoS attack stating that several communication service provider firms had been targeted by consecutive DDoS attacks that have become rampant in the communications sector.
In his statement, Morken stated that “While we have mitigated much-intended harm, we know some of you have been significantly impacted by this event. For that, I am truly sorry. You trust us with your mission-critical communications. There is nothing this team takes more seriously.”
He also added that support teams were working around the clock to ensure that everything went back to normal and that the impact of this attack was kept to a minimum. “Our account managers and support teams have been actively reaching out to customers individually to address any issues. We will not rest until we end this incident and will continue to do all that we can do to protect against future ones.”
Bandwidth has been flocking their status page with several updates regarding the matter and the team’s progress so far to get rid of the attack. In one of the updates, the company stated that its services had gone back to functioning normally. However, the firm’s engineering team was still monitoring the situation. the company also noted that it was contacting customers to address any issues that they may be having. The status page has continued to be updated with the company’s progress so far and has assured customers that it will be timely in providing any additional information.
Despite issuing this statement that services had gone back to normal, the company has continued to publish other updates that show partial outages related to inbound and outbound calling services.
DDoS Attacks on the Rise
DDoS attacks targeted at VoIP service providers have been rampant in recent weeks. VoIP.ms, another leading VoIP service provider, stated that it had suffered a DDoS attack that lasted for a full week. This attack was major, given that it brought down almost all the services and portals of this VoIP service provider. VoIP customers were affected because they could not gain access to voice services.
The VoIP attack on VoIP.ms was a ransomware attack. The threat actors who compromised the company’s systems demanded one Bitcoin as payment, equivalent to around $43,000. However, the attackers later increased this amount to 100 Bitcoins, equivalent to $4.3 million, to stop the DDoS attacks.
The threat actors behind the VoIP.ms attack were impersonating the REvil ransomware group that is notorious for conducting several ransomware attacks on major institutions and high profile individuals.
These DDoS attacks have had a ripple effect across the telecommunications sector. Individuals and businesses have been reporting increasing cases of telephone interruptions. A survey of online activity also shows that the interruptions seem to be spreading to other VoIP service providers across the country, with the situation not being under control. The outages have also been reported in Europe and the UK.