IP Network

VoIP DDoS Preparations – update

Simon Woodhead

Simon Woodhead

15th September 2021

By Simon Woodhead

It has been a week or so since we last updated on the emerging threat, so we wanted to update you.

Whilst nobody (except George W Bush) wants to be the one to call the end of hostilities, things appear to be returning to normal. Of course, ‘normal’ is hostile and nobody should be under any misapprehension that this or similar threats have simply gone away.

In terms of our response, we have returned to the same state of readiness we always adopt, i.e. ready, but will be outwardly quiet unless something material changes. The emergency message in the portal will remain for now, the contingency Availability Zone will remain for now but will be removed without notice when we think the time is right. Customers should be prepared for it to return in the event of an attack as it seems a useful augmentation to our preparedness.

We maintain our position that sending wholesale voice unencrypted over the public Internet is dumb and encourage customers to have a Direct Connect, to privately peer or to come on-net whenever possible. In this way you come under the shell and can still complete calls whatever the state of our (very large, diverse and ready) Internet facing edge. We also encourage you to configure for the contingency AZ detailed in the portal as we know many didn’t bother despite significant prompting and consequently failed calls when we switched over for mandatory testing. Those CP’s would have had an unplanned outage in the event of an attack and ignoring every opportunity we gave to avoid that wouldn’t have gone down well when Ofcom came knocking.

In the wider industry, I’ve got to be honest and say there’s a side of me that could see some benefit in the hostilities continuing. Obviously I never want a single end-user disrupted, and don’t condone crime, but this industry seems to thrive on lies and there are providers who’s “network” is not what they claim, if it exists at all, and there are operators who have been dining out on investments they made in the 90s for far too long IMHO. We have a good idea who stood a better than average chance of remaining standing and who would have undoubtedly been down indefinitely at the first breath of an attack. At some level, our industry and service to consumers would have taken a step towards the light if that was exposed and those of us (because it isn’t just us) who have taken this seriously and invested in preparation would have been justified in doing so. You can technically run an ITSP on a Raspberry Pi hooked up to consumer grade ADSL, but there’s infinite reasons why nearly nobody does; many really are not far from it though, whatever the website claims!

I hope this experience will wake a few more operators up, and indeed that the Regulator may have a different perspective on some of the drums we’ve been banging. Sadly, I’ve become used to meeting apathy and being disappointed where these things are concerned.

Naturally, we’ll be reviewing our own performance and would really welcome your input to that if you have an opinion on it.

Related posts