With the news earlier this year that two thirds of large UK companies have been hit by cyber-attacks in the past year, the threats to business continuity continue to grow.
Most businesses fear a DDoS style attack. This is a co-ordinated attack, typically on a website, that attempts to bring the particular site down by sending millions of repeated requests to it on an ongoing basis until it crashes. Seemingly even the largest sites are not immune, as the BBC found out on New Year’s Eve 2015.
However there are increasing concerns around a similar kind of attack directed at company telephony services – a Telephony Denial of Service. So much so that the University of Houston was awarded a $2.6 million grant to develop technology that will protect emergency services against a co-ordinated and sustained attack on telecommunications services of this kind.
Telephony Denial of Service was first raised as an issue in 2013, when an increasing number of TDoS attacks were taking place. By systematically blocking telecommunications services to companies, fraudsters were able to elicit money from companies that were essentially left with the choice of paying up or being unable to function effectively. Concerns were raised at the time about risks to public service telephone lines but these appear to have continued to the point where there is a fear that an attack could actively impact the US 911 emergency services. The consequences of such an attack, particularly if co-ordinated with an act of terrorism, are unthinkable.
For companies facing such attacks it is important to know what to do in the aftermath, as well as how to prevent these kind of breaches. According to the 2015 report from the Ponemon Institute, ‘Cost of Cyber Crime Study: United Kingdom’, cyber-attacks cost businesses on average £4.1 million per incident and each incident can take an average of 31 days to resolve. No business can afford to stop functioning for that length of time and therefore needs to proactively prepare a response to cyber-attack.
TDoS is just another example of something companies must now consider when managing risk. Every new fraud is essentially an updated take on an older issue. Businesses need a proactive plan for how to ensure business continues when the unexpected happens.
Editorial credit: chrisdorney / Shutterstock.com