Protection of telecommunications

Effective protection against TDoS attacks and telephony peaks

Telephony Denial of Service (TDoS) attack is an attempt to make the telephone system inaccessible to users by blocking incoming and/or outgoing calls. To do this, attackers successfully overflow all available telephone resources, so that there is no free telephone line.

Attackers use TDoS attacks, demanding a ransom to stop the attack. TDoS are also used to block bank notifications about unauthorized transfers of funds, etc. Sometimes TDoS attacks occur as a result of errors or peak loads of legitimate users. TDoS attacks can be of short duration or last intermittently for several days.

Regardless of the TDoS attack’s nature, we offer an effective remediation set for peak loads:

Analysis and testing of telecommunication security

A) PBX IP interface test in gray-box mode. Simulation of various attacks on VoIP.

B) Сonfiguration аnalysis in white-box mode. The report includes recommendations for addressing security vulnerabilities and configuration flaws.
Implementation of call filtering and voice menu

Development and implementation of a system for recognizing suspicious incoming calls based on Machine Learning. Building an Interactive Voice Response (IVR) where suspicious calls will be automatically redirected.
Implementation of a fault-tolerant telecom platform

Development of a fault-tolerant platform with the use of several trunks to different telecom operators. Consultations on how to make arrangements with the operators so that they filter calls and put them in blocklists in addition to local protection.

Our experience

  1. More than 80 projects on security assessment and penetration testing of IP networks.
  2. Permanent delivery for the information security department of one of the leading national telecom operators.
  3. Testing various kinds of mobile VoIP clients.
  4. Testing of corporate IP-PBX phone systems.
  5. Penetration tests of IMS operators, including 4G, with signaling via SIM over IPv6 and with traditional GSM/SS7 signaling.
  6. Continuous cooperation with the cyber police and other government agencies.

Check out our additional services and business cases. Send the form below to request a protection of telecommunications. Get a free consultation.

Business cases of projects we completed

Information security incident response and investigation
Managed security and compliance (ISO 27001, etc.)
Security analysis of software source code
Security assessment: audits and penetration tests
Security Operations Center cases