Bandwidth.com is latest victim of DDoS attacks against VoIP providers

Pickles von Brine · September 28, 2021

Quote

Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days.

Bandwidth is a voice over Internet Protocol (VoIP) services company that provides voice telephony over the Internet to businesses and resellers.

Since then, Bandwidth has been providing frequent status updates detailing outages affecting voice, Enhanced 911 (E911) services, messaging, and access to the portal.

As Bandwidth is one of the leading telephony providers for US voice over IP companies, many other VoIP vendors reported outages over the past few days, including Twilio, Accent, DialPad, Phone.com, and RingCentral.

While it has not been confirmed if these outages are related to Bandwidth's service disruption, all of the above carriers stated that another upstream provider has caused their outages.

I work in an IT company and we received this from our VOIP provider:

Quote

In short, VoIP providers rely on underlying services from organizations called CLECs. A CLEC is a Competitive Local Exchange Carrier, which are service providers that translate modern digital phone service across the legacy phone network. If you’d like to learn more details about how they work, review this wikipedia page.

One of the largest CLECs in the country, Bandwidth (NASDAQ:BAND), has been the target of a Distributed Denial of Service Attack (“DDoS attack”) which occurs when a threat actor in control of millions of computers - often infected by malware - attempts to overwhelm the resources of a website or application by sending malicious data or pretending to be legitimate users of the application. These attacks are designed to exceed the capacity of the targeted application or service which results in degraded performance or a complete loss of access or use. DDoS attacks - when conducted at significant volumes - are difficult for carriers to withstand and mitigate.

Because <insertname> and all other major voice providers are downstream from CLEC carriers, the ability of voice providers to mitigate interruptions to these services is limited. The public telephone system in the United State is designed so that phone numbers are mapped to a single carrier, and therefore, there is no inherent ability to create redundancy for inbound call routing. Because of this limitation, service providers like <insertname> are subject to the availability of services from CLECs delivering inbound calls and are limited in the ability to avoid related interruptions. This limitation is true for all voice service providers, and not unique to any single provider.

We do have the ability to control outbound call routing, and we provide redundant and high availability of outbound services. However, despite this redundancy, outbound calls may continue to appear to experience problems because millions of phone numbers are ultimately routed back through the affected carrier and would therefore be negatively impacted at that time.

While the attacks currently appear to have subsided, it is unclear if there will be additional interruptions in the immediate future. Visit ... or status updates anytime, and subscribe to be proactively notified of any changes in the future.

Source

This was a nightmare for us yesterday. Our phones were all wonky, inbound calls were not working. We could here our customers, but they couldn't hear us. Calls would do weird shit once they did get through, like passing between lines. It was bad. Lasted all day yesterday. To know that someone like Bandwidth got hit and it affected so many other carriers, in many ways, shows how vulnerable many of our systems we rely on ever day are.