A cyber attack hits UK internet telephony providers

According to an industry body, an “unprecedented” and coordinated cyber attack hit several UK-based VoIP (Voice over Internet Protocol) service providers.

Industry Comms Council UK said many of its members have been targeted by Distributed Denial of Service (DDoS) attacks in recent weeks.

“A global threat has been made to the entire industry,” a spokesperson added.

Ofcom said it was aware of the situation.

DDoS attacks work by flooding a website or online service with internet traffic in an attempt to take it offline or otherwise make it inaccessible.

In the past, they often took websites offline and were sometimes used to make political statements.

But the latest wave of attacks have targeted VoIP in an alleged attempt to extort those companies.

VoIP providers offer Internet-based calling to a wide range of customers, including businesses and utilities, including police and NHS.

In a statement, the Comms Council UK said DDoS attacks on British VoIP companies have occurred in the past four weeks and “appear to be part of a coordinated international campaign focusing on extortion by professional cybercriminals.”

The body said it is in contact with the UK government, Ofcom and the National Cyber ​​Security Center (NCSC) on the matter.

A spokesperson for the UK Comms Council told the BBC that it was unable to specify how many companies were affected and added that it would describe the scale of the attack as “unprecedented”.

“We have never seen anything like it since we were established in 2004,” he said.

“Ransom threats have been made to numerous suppliers and a global threat has been made to the entire industry.

“The attackers started down that road, with attacks underway.”

An Ofcom spokesperson said: “We are aware that some networks have been experiencing problems recently.

“We are in contact with them to establish the extent and cause of the problem, and also in close liaison with the UK government and the National Cyber ​​Security Center.”

For the hardcore hacking fraternity, DDoS attacks are often sniffed.

These blunt instruments are hardly considered hackers.

But that doesn’t mean they don’t work, and this latest development proves it.

By harnessing the weaknesses of VoIP, this wave of attacks is actually a smart twist on the traditional DDoS approach.

While they don’t cause widespread problems yet, attacks have the potential to hit us where it really hurts, making our Zoom and Teams meetings even more painful with interruptions and delays.

The technology to protect businesses and websites from DDoS attacks has improved dramatically in recent years, said cybersecurity expert Alan Woodward of the University of Surrey.

“DDoS is a bit of a surprise as an attack method,” he added.

“Right now, ransomware is more common for criminals to extort money.”

The BBC contacted the NCSC for comment.