Skip to ContentSkip to Footer
IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
News

DDoS attacks are crippling UK VoIP operators

Businesses and emergency services are among customers hit by outages at VoIP firms

by: Connor Jones
27 Oct 2021
VoIP mockup image man dialing on a telephone

Shutterstock

Several Voice over Internet Protocol (VoIP) providers in the UK have been subjected to distributed denial of service (DDoS) attacks resulting in numerous outages affecting the public and private sector.

The UK Comms Council confirmed on Tuesday that several of its members and a number of international providers, including some in North America, have been fielding attacks for the past four weeks.

It also said the attacks appear to be "part of a coordinated extortion-focused international campaign by professional cyber criminals", as one affected vendor, Voip Unlimited, previously suggested the evidence pointed to REvil, the infamous Russian-based ransomware group.

The UK Comms Council, which is tasked with lobbying on behalf of the industry and developing best practices to increase industry-wide standards, among other duties, has offered very little details on the attacks and the affected parties.

However, it has confirmed its members supply VoIP services to the likes of the police, NHS, and other public services, adding that "attacks on our members are attacks on the foundations of UK infrastructure".

"We are liaising closely with the UK Government, National Cyber Security Centre, Ofcom & international agencies to share information and details about the nature of the attacks in the expectation of halting this criminal activity as quickly as possible," said the UK Comms Council in a statement.

"We are confident that, with a joined-up Government-led initiative, this damaging criminal activity can be halted.“

Speaking to IT Pro, neither the UK Comms Council or National Cyber Security Centre (NCSC) were able to comment on specific vendors that may or may not be affected by the coordinated DDoS attacks, but there are a number of cases in the public domain which suggest they could be linked with the attacks referenced by the council.

Related Resource

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Man and woman looking at a laptop in an office building Free download

London-based Voipfone is still experiencing service disruptions, according to its status page. As of Wednesday morning, the company said: "We continue to work on addressing the issues effecting our network. A level of service has been restored, but there may still be a risk of further disruption. We will continue to update as the incident progresses".

Like Voip Unlimited, Voipfone also suggested the attack appeared to be conducted from "overseas criminals" in a Monday update.

Private sector customers have been complaining on social media about the frequency of outages at the firm, seeking compensation. 

Speaking on who may be behind the attacks, Pascal Geenens, director of threat intelligence at Radware said: "In September, and still ongoing into October, an actor or group posing as REvil was sending out ransom demands to VoIP providers in the UK and Canada. In the case of the Canadian VoIP provider Voip.ms, the actors went public and leveraged Twitter to get word out of their threats and why Voip.ms was experiencing service disruptions.

"The tactic of disclosing victims publicly is one that is used by ransomware operators to increase the pressure on its victims. It is one thing to be under attack and trying to fend it off, it is another to fight off the attack while the whole world and all your customers are watching. And customers have their own opinions, so companies will vouch to pay the criminals to make it stop and restore the service."

The NCSC was unable to confirm the scale of the attacks and whether affected operators were still under attack. But it did say it was working with partners to support those who needed it. 

"Denial-of-service attacks are a common threat, and we urge all organisations to follow our guidance on how to prepare for and deal with them," it said in a statement to IT Pro.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download

Most Popular

The big PSTN switch off: What’s happening between now and 2025?
Sponsored

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
HMRC lost nearly 50% more devices in 2022
Hardware

HMRC lost nearly 50% more devices in 2022

17 Mar 2023
Why – and how – IP can be the hero in your digital transformation success story
Sponsored

Why – and how – IP can be the hero in your digital transformation success story

6 Mar 2023
Skip to HeaderSkip to Content