IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

DDoS attacks are crippling UK VoIP operators

Businesses and emergency services are among customers hit by outages at VoIP firms

Several Voice over Internet Protocol (VoIP) providers in the UK have been subjected to distributed denial of service (DDoS) attacks resulting in numerous outages affecting the public and private sector.

The UK Comms Council confirmed on Tuesday that several of its members and a number of international providers, including some in North America, have been fielding attacks for the past four weeks.

It also said the attacks appear to be "part of a coordinated extortion-focused international campaign by professional cyber criminals", as one affected vendor, Voip Unlimited, previously suggested the evidence pointed to REvil, the infamous Russian-based ransomware group.

The UK Comms Council, which is tasked with lobbying on behalf of the industry and developing best practices to increase industry-wide standards, among other duties, has offered very little details on the attacks and the affected parties.

However, it has confirmed its members supply VoIP services to the likes of the police, NHS, and other public services, adding that "attacks on our members are attacks on the foundations of UK infrastructure".

"We are liaising closely with the UK Government, National Cyber Security Centre, Ofcom & international agencies to share information and details about the nature of the attacks in the expectation of halting this criminal activity as quickly as possible," said the UK Comms Council in a statement.

"We are confident that, with a joined-up Government-led initiative, this damaging criminal activity can be halted.“

Speaking to IT Pro, neither the UK Comms Council or National Cyber Security Centre (NCSC) were able to comment on specific vendors that may or may not be affected by the coordinated DDoS attacks, but there are a number of cases in the public domain which suggest they could be linked with the attacks referenced by the council.

Related Resource

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Man and woman looking at a laptop in an office building Free download

London-based Voipfone is still experiencing service disruptions, according to its status page. As of Wednesday morning, the company said: "We continue to work on addressing the issues effecting our network. A level of service has been restored, but there may still be a risk of further disruption. We will continue to update as the incident progresses".

Like Voip Unlimited, Voipfone also suggested the attack appeared to be conducted from "overseas criminals" in a Monday update.

Private sector customers have been complaining on social media about the frequency of outages at the firm, seeking compensation. 

Speaking on who may be behind the attacks, Pascal Geenens, director of threat intelligence at Radware said: "In September, and still ongoing into October, an actor or group posing as REvil was sending out ransom demands to VoIP providers in the UK and Canada. In the case of the Canadian VoIP provider, the actors went public and leveraged Twitter to get word out of their threats and why was experiencing service disruptions.

"The tactic of disclosing victims publicly is one that is used by ransomware operators to increase the pressure on its victims. It is one thing to be under attack and trying to fend it off, it is another to fight off the attack while the whole world and all your customers are watching. And customers have their own opinions, so companies will vouch to pay the criminals to make it stop and restore the service."

The NCSC was unable to confirm the scale of the attacks and whether affected operators were still under attack. But it did say it was working with partners to support those who needed it. 

"Denial-of-service attacks are a common threat, and we urge all organisations to follow our guidance on how to prepare for and deal with them," it said in a statement to IT Pro.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022