A hacker was able to compromise the phone exchange of a Vocus customer and flood the 000 emergency call service, operated by Telstra, with 600 calls at a time last weekend. As a result early on the morning of 26 May 2018, some emergency callers didn’t receive a return call for up to nine hours.
Vocus provides businesses with cloud based and other phone systems rather than traditional PBX solutions. One of their customer’s systems was compromised and an unknown party from overseas was able to launch a denial of service attack on the 000 service by calling from what looked like an anonymnous number. When calls were answered by an operator, there was no one on the line.
It’s believed the attack was an attempt to bypass global call charges. By initiating calls from another country, over the internet and then using the compromised phone system to make calls to Australian numbers, the attacker could call numbers from another country without being charged for an international call.
This sort of attack is being used to dupe people into answering local calls and then scammers try to get them to hand over personal information or other data.
The hacker’s mistake here was that their dialling system prefixed a bunch of calls with 000, instead of using local area codes. As a result, the emergency services’ number was smashed with a massive influx of calls.
Attacks like this highlight the importance of ensuring all systems, especially any that are externally facing, are fully secured and kept up to date. And while service providers can provide secure platforms, there’s also an obligation on customers to use robust procedures, such as two-factor authentication and encryption, to reduce the risk of being attacked.