Hackers around the world are flexing their muscles.
For reasons that aren’t yet clear they have been launching distributed denial of service (DDOS) attacks against Voice over Internet Protocol (VoIP) providers and it is leading to widespread voice outages. VoIP provider Bandwidth.com is the latest company to fall victim to these attacks.
On the afternoon of September 25th the company began reporting a series of unexpected failures in their voice and messaging services. When the problem first began the company posted a notice on their status page that read as follows:
“Bandwidth is investigating an incident impacting Voice and Messaging Services. Calls and Messages may experience unexpected failures. All teams are actively engaged.”
In short order, the teams leading the investigation uncovered the root cause. Threat actors were conducting a DDOS attack against them hoping to pressure the company into paying a Bitcoin ransom to make the attacks stop. The company opted not to pay and fought back to protect its network.
For now, at least it seems that Bandwidth.com has won. However, there is no guarantee that the attacks won’t increase in their intensity. David Morken is the CEO of Bandwidth.com.
Morken published the following on the company’s blog as the attack began to abate:
“Bandwidth and a number of critical communications service providers have been targeted by a rolling DDoS attack. While we have mitigated much-intended harm, we know some of you have been significantly impacted by this event. For that, I am truly sorry.
You trust us with your mission-critical communications. There is nothing this team takes more seriously. We are working around the clock to support your teams and minimize the impact of this attack. Our account managers and support teams have been actively reaching out to customers individually to address any issues. If you are experiencing problems and you haven’t heard from us yet, please let us know.
Real-time updates will continue to be posted at status.bandwidth.com. We will not rest until we end this incident, and will continue to do all we can to protect against future ones.
Thank you for your patience.”
Kudos to Bandwidth.com for their diligence and excellent handling of this incident.