
Number 8-800, or how to splurge in one day

Companies have recently been trying to win customer loyalty with modern, convenient tools. One of the most common and, in the opinion of many, most effective is the toll-free "8-800" number. The fashion for buying such numbers and using them to stay in contact with consumers is gaining momentum. Of course, a customer is more willing to call a toll-free number than to pay out of his own pocket while waiting for the next specialist or line manager to answer. But as the saying goes, free cheese is found only in a mousetrap.



Today we would like to talk about the flip side of the “8-800” service: how excessive openness can simply ruin your company. In general terms, we will look at the problem of telephone security, or telephone DDoS.



What is telephone DDoS


Many have heard about the latest DDoS attacks on popular network resources. Whether someone is fighting competitors this way or political opponents is not important. The problem of a sharp surge of traffic hitting network equipment has been known for a long time, and there are already more or less well-known ways to combat it. Lately, however, the customers contacting us most often are those with DDoS attacks on their telephone numbers.



It looks like this. A competitor orders an attack on the company's phone number. As a rule, the number of every self-respecting company is multichannel, with a voice greeting and an IVR. In essence, multichannel means the ability to receive several calls from external subscribers at the same time. But the number of such channels is still physically limited (for example, 30 channels).

The most common type of attack places so many calls simultaneously that the incoming flow is simply clogged: the PBX cannot process that many calls, and customers constantly hear the busy signal. Since the IVR answers, the attacker simply hangs up in the first second and dials again and again. Telephone communication in the company is paralyzed. Moreover, the calling numbers can be completely different, including calls without caller ID, so it is extremely difficult to filter such calls.



From words to money


Now imagine another situation. The company buys a 100-channel "8-800" number with a voice greeting. As a rule, telecom operators work with clients on credit: at the end of the month the company pays for the services it actually consumed, so the operator extends credit to the company. Each minute of an incoming call costs the company about 2 rubles (we average the cost across directions, depending on the caller ID). Billing is per minute, starting from the first (or fifth; we will see below why this hardly matters) second of the connection.



The attacker launches 70 simultaneous dialers, each call lasting 10 seconds; the call is still free for the caller. The voice greeting answers and the money starts to drip away. Conditionally, 350 such calls can be made per minute: 3,500 in 10 minutes, 210,000 in 10 hours of work. Multiply that by 2 rubles and we get about 420,000 rubles per day of work. You can work out the monthly figure yourself. It will be amusing for the director to see such a bill at the end of the month, won't it? And it is unlikely that anyone in management will notice these losses during the day, since the remaining calls will still reach the call center and normal operation will not be disrupted.



Findings


With this example we have shown that organizing telephone communications for a business of any size is a serious task, and that includes its security. In some of our past publications, participants in the discussion pointed out that launching an office telephone system takes a couple of hours of work with Asterisk and a budget of 20,000 rubles for a "server." Yes, that is true. But it is also important to control your expenses during the working day and to monitor the health of the telephone equipment. There are various mechanisms for this, including close interaction with the telecom operator, which can promptly point out that such an attack is under way.
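One way to watch spending during the working day, as an added example that is not part of the original article: it bills constructed call records per minute at the article's 2 rubles and flags any one-minute window with a burst of very short answered calls. The CSV layout, the thresholds and the function names are assumptions made for the illustration.

```python
import csv, io, math
from collections import defaultdict

RATE_RUB_PER_MIN = 2.0     # average per-minute cost quoted in the article
SHORT_CALL_SEC = 15        # assumption: calls this short never reach an operator
WINDOW_SEC = 60            # assumption: aggregation window
MAX_SHORT_PER_WINDOW = 50  # assumption: alert threshold, tune to normal traffic

def billed_cost(billsec, free_sec=0):
    """Per-minute billing: once past free_sec, round up to whole minutes."""
    if billsec <= free_sec:
        return 0.0
    return math.ceil(billsec / 60) * RATE_RUB_PER_MIN

def analyze(cdr_text):
    """Return (total_cost, alerts); alerts are (window_start, short_calls, cost)."""
    windows = defaultdict(lambda: {"short": 0, "cost": 0.0})
    for row in csv.DictReader(io.StringIO(cdr_text)):
        start, billsec = int(row["start"]), int(row["billsec"])
        w = windows[start - start % WINDOW_SEC]
        w["cost"] += billed_cost(billsec)
        # Count per destination line, not per caller: attack calls arrive
        # from many different numbers, some without caller ID.
        if 0 < billsec <= SHORT_CALL_SEC:
            w["short"] += 1
    total = sum(w["cost"] for w in windows.values())
    alerts = [(t, w["short"], w["cost"]) for t, w in sorted(windows.items())
              if w["short"] > MAX_SHORT_PER_WINDOW]
    return total, alerts

def sample_cdr():
    """Constructed records: a normal minute, then 70 ten-second calls."""
    rows = ["start,src,billsec"]
    rows += [f"{i * 10},client{i},{120 + i * 30}" for i in range(5)]
    rows += [f"{60 + i % 60},,10" if i % 7 == 0 else f"{60 + i % 60},n{i},10"
             for i in range(70)]
    return "\n".join(rows)

if __name__ == "__main__":
    total, alerts = analyze(sample_cdr())
    print(f"billed so far: {total:.0f} rub")
    for t, short, cost in alerts:
        print(f"window t={t}s: {short} short calls, {cost:.0f} rub")
```

With per-minute rounding, a 10-second call is billed as a full minute whether billing starts at the first or the fifth second, which is why the short-call count per window is the signal to alert on.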



A reasonable question arises: how do you deal with such attacks? Here we are talking not only about the “8-800” number but about any incoming channel in principle. A voice greeting alone, as we showed above, cannot solve the problem, and in the case of an “8-800” number it is no solution at all. At one point, clients came to us with the problem of attacks on their phone numbers: their competitors were “having fun”.



We, as a telecom operator, solved this problem in two stages:

- we developed special algorithms that identify the attacker before the voice session is established, so the call is simply rejected,

- together with the upstream operator, we identified the sources of “parasitic” traffic and had them partially restricted upstream.

After a while the attacks stopped, as they had simply become pointless.



Conclusion


In conclusion, I would like to note that large telecommunication companies and various “virtual offices” cannot help you in 99% of cases: there is no violation of the law here and no illegal action, so they simply let this traffic through as expected. Therefore, when choosing a service provider, always try to find out not only the financial terms (these days they are, as a rule, all about the same) but also the level of service support when such situations arise. Only an individual approach to the client makes for effective work by both the client and the operator.

Source: https://habr.com/ru/post/143823/


