[ISN] Hacking The TDoS Attack

http://www.darkreading.com/attacks-breaches/hacking-the-tdos-attack/240155809 By Kelly Jackson Higgins Dark Reading May 30, 2013 When an ICU nurse refused to pay scammers who insisted she owed money for a payday loan, they unleashed a robo-dial flood of hundreds of calls per hour that ultimately shut down the phone system of the hospital’s intensive care unit. In another case, supporters of a popular company that received a negative rating from a major financial firm voiced their displeasure by crowdsourcing phone calls to the firm in an attempt to block its trading and other functions — and they organized it via a Facebook Event post. These real-world cases of telephony denial-of-service (TDoS) attacks in the past year didn’t get the publicity that distributed denial-of-service (DDoS) attacks did, but security experts say these types of attacks have been on the rise in the past couple of years and can be just as damaging as a DDoS. “Personally, I believe that it’s a more invasive approach to target a company’s [or] individual’s primary means of communication. Just like DDoS attacks, based on my observations, they tend to abuse the infrastructure of legitimate services, Skype, ICQ, major U.S-based carriers, and relevant SIP providers,” cybercrime researcher Dancho Danchev said in an interview via email. TDoS attacks — which earlier this year were becoming prevalent enough that the U.S. Department of Homeland Security issued an alert about a threat of TDoS attacks on public sector entities in an attempt to extort money — are typically similar in motivation and goals as DDoS attacks that flood networks, websites or other servers with massive volumes of traffic meant to bring an organization’s data structure to its knees. Call centers are the most popular TDoS targets — they’re easy to contact and flood with calls — and, increasingly, there are more tools readily available tools for launching these attacks on any organization or individual’s location. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org