Dive Brief:
- Experts say a recent telephonic denial-of-service (DoS) attack against a Ukrainian power company was a ploy to cover up a cyberattack that took out power for 80,000 customers on Dec. 23.
- A telephonic DoS works by overwhelming a business's call center with fake phone calls, making it impossible for legitimate calls to get through.
- After flooding the utility's call center to prevent customers from reporting outages, the attackers used malware to infect workstations, servers and production in the utility's supervisory control and data acquisition (SCADA) systems.
Dive Insight:
Increasingly sophisticated hackers have been coming up with a number of fresh methods for launching cyberattacks in recent months, including a massive DDoS attack against the BBC in January and a recent attack on the accounting department of FACC AG, which resulted in a loss of $54 million.
In response to more advanced cyberattacks, enterprise security leadership needs to remain flexible and aware in its preventative measures and planned responses. The DoS attack on the power grid is an example of sleight of hand by cybercriminals to distract from the main technical assault.
Telephonic DoS attacks have been around for a while, said Rene Paap, product marketing manager at security vendor A10 Networks, in an interview with CSO. But Paap also noted the sophistication of this attack, which prevented people maintaining the power grid from getting alerts from their customers.
"This was a very well-orchestrated attack," said Paap. "It wasn't done just by people doing it for the heck of it -- there was definitely an organization with significant resources."
CSO said businesses can protect themselves with countermeasures “such as protection gateways and firewalls that validate incoming calls and distinguish legitimate calls from malicious ones.”