TDoS – An emerging threat to businesses
We’ve noticed an uptick in the number of businesses contacting us for help in preventing Telephony Denial of Service (TDoS) attacks. This seems to be an increasing threat. Here’s how you can protect your organization.
The TDoS threat
The companies that have contacted us for TDoS prevention have one thing in common: they get a lot of their business over the phone. Recent examples include a taxi company, an auto dealer, and a travel agency.
These businesses faced similar attack profiles: lots of calls were coming into their sales lines, tying up their phones so that legitimate customers couldn’t reach them. Each had a strong suspicion that competitors were waging these attacks. They were losing business.
TDoS prevention
Here are the services we recommend for TDoS prevention:
- Inbound Shield checks that the calling number is valid and is not on our curated blacklist.
- Phone Number Reputation Lookup checks the reputation score of the calling number.
- STIR/SHAKEN checks that the calling number isn’t spoofed. This technique isn’t widely used yet, but it will be soon, as large carriers have committed to using it by the end of 2019.
- Real-time dynamic traffic analysis with SIP Analytics monitors calling activity and can divert or block calls that breach the configured threshold.
- The CAPTCHA gateway prompts the caller to enter a random two-digit number. Auto dialer programs can’t do that, but human callers can.
These services can be configured with flexible policy controls for different types of calls/trunks/groups/locations and so forth. Thresholds can be fine-tuned to trigger a response at the level you specify. Actions include report, block, divert to voicemail or CAPTCHA. These responses can also vary by different types of calls/trunks/groups/locations and such.
The end result: bad calls are blocked or diverted while the good calls go through.
Contact us today to learn how we can protect your business from TDoS attacks.