David Morken, CEO of Bandwidth.com, has confirmed that a DDoS attack was responsible for recent outages reported on the site on September 27th. Citing that “a number of critical communications service providers have been targeted by a rolling DDoS attack” in a recent statement, Morken also apologized to those who were significantly impacted and assured users that the issue was being addressed and fixed.
As attacks such as this continue to rise, it’s important for fellow businesses to understand what exactly went wrong and if anything could have been done differently to avoid such a catastrophe. DDoS attacks and similar breaches of security can cause serious damage to business reputations and may even put companies under completely.
Let’s take a closer look at this most recent DDoS attack on Bandwidth.com — an attack that also affected several other communications service providers.
Before getting into the details of the attack, let’s take a look at the company Bandwidth. Bandwidth.com is a global enterprise cloud communications business. Basically, they are a VoIP (Voice over Internet Protocol) service company.
VoIP solutions companies provide VoIP services (incoming and outgoing communications using the Internet or IP networks instead of telephone systems) to both individual consumers and businesses.
DDoS stands for distributed denial-of-service. This type of attack essentially corrupts the attack victim’s computer services (usually a website) so that they are unusable. It does this through overwhelming the target site with sham malicious traffic. The site becomes so flooded that it’s unable to operate correctly.
The DDoS attack that occurred in September of 2021 targeted Bandwidth.com, but they weren’t the only victims. In fact, cybercriminals launched several attacks — some of which reached other communications companies as well.
These companies include VoIP.ms, Voip Unlimited, and Voipfone. Several of the targeted DDoS plans included ransomware infections.
Ransomware is malicious software, or malware, that comes with a ransom threat. Effectively, the target must decide if they want to recover access to their computer systems in exchange for paying a large sum of money to the cybercriminal or if they want to figure out a fix on their own and likely risk losing original access to their networks. Sometimes, actual data is on the line, and if the ransom is not paid, data will be lost, stolen, and sold on the dark web, or permanently corrupted.
CEO David Morken stated that Bandwidth’s team was working around the clock to minimize the impact of the attack. However, they also admitted that many of their clients and users had already been affected. Multiple MSPs and other clients who use Bandwidth as a host also stated having issues, which were affecting their own systems and clients in a catastrophic cascade effect.
After the initial phase of outages, Bandwidth.com updated its status with several more partial outages. Issues affected both outbound and inbound calling services.
According to recent reports, distributed denial-of-service attacks are on the rise in North America and other places like Europe and Australia. Like it or not, cybercriminals are getting more creative as they target large corporations and businesses in an attempt to steal data, corrupt networks, wreak general havoc, and, of course, make money.
Although it’s not pleasant to consider, it’s best to act as if your business may be targeted by a DDoS attack in the future. Doing so can help orient your purpose when it comes to cybersecurity and will spur you to make the necessary decisions to keep your business safe. Essentially, fear is the worst.
This means reminding yourself and your employees that they should be on the lookout for signs of a cyberattack. Understand and train your staff on phishing scams and other telltale signs of cybercrime.
It also means hiring an MSP that has strength in cybersecurity. Speak to them about their preventive measures regarding DDoS attacks and similar breaches of security. What do they do to prevent these issues, and what do they do when one occurs?
No matter how small your business or what industry you’re in, you can always be the target of cybercrime. Put in the time and energy necessary to keep your business safe from harm.