CVx Show Daily Day 2

1 4 CVx at ITEXPO I FEBRUARY 12 - 14, 2020 www.bekabusinessmedia.com DAY 2 B ad actors pose threats to telecom- munications. Their attacks are getting more sophisticated and disruptive. They can cripple or take down essential telephone communications with far-reaching consequences and generate considerable financial losses. Among these attacks and disruptions are robocalls and TDoS (telephony denial of service). Fortunately, there are ways to protect telephone communications. Let’s look at these threats and effective means of protection. ROBOCALL THREATS & SOLUTIONS Robocalls aren’t all bad. Auto dialers are used for many legitimate purposes, such as payment reminders, school closing notifications and debt collection. But a considerable number of robocalls are illegal and potentially harmful. Combine the nuisance factor with the risk of being scammed, and telephone subscribers hesitate to answer calls from unknown numbers. Several years ago, several robocall preven- tion solutions came on the market. These call analytics applications enabled subscribers to report robocallers. The applications gener- ated databases of these calling numbers with reputation scores based upon crowdsourced reports. Another type of robocall solution involves dynamic traffic analysis: software monitors and scores by calling/called number, trunk, loca- tion and other such attributes. When scores cross critical thresholds, the software identifies a potential robocall pattern and can act. When robocalls are identified, responses can be either to block the calls or divert them to voicemail or an interactive voice response system, such as a voice CAPTCHA, for example. Robocallers responded to these methods with neighbor spoofing, using fake caller IDs including the telephone number of their target victims. Reputation service applications don’t work very well when the perpetrator spoofs a legitimate phone number with an otherwise good reputation. The telecommunications industry proposed a solution: caller authentication. The framework is called STIR/SHAKEN, and it enables service providers to vouch for the caller ID using digital signatures that robocallers cannot spoof. Call authentication does not stop robocalls, but by verifying caller ID, it makes call analytics much more effective. Effective robocall prevention uses both caller authentication and call analytics working together. TD o S THREATS & SOLUTIONS At TransNexus, we’ve noticed an uptick in calls from businesses looking for protection from TDoS attacks. Organizations get so many incoming calls that they can’t get to legitimate customer calls. It’s shutting down their business. Some of these calls are robocalls. A perpetrator has programmed his auto- dialer to make lots of calls through sequential blocks of numbers. When they hit a block of numbers used by a business, or a hospital, for example, the impact can be disruptive. Such organizations try to answer every call, and the volume of robocalls is overwhelming them. We call these robocalls “inadvertent TDoS.” The perpetrator hopes that people will answer the calls so he can scam them out of something. There are also “deliberate TDoS attacks.” The perpetrator isn’t trying to scam his victims. He’s trying to shut down their telephone service. We’ve helped several businesses that suspect TDoS attacks have been carried out by their competitors. The robocall solutions discussed above are also effective against inadvertent TDoS. Dynamic traffic analysis is effective against deliberate TDoS. The volume of calls and thresholds might be different, but the techniques work well for both robocalls and TDoS. NEIGHBOR SPOOFING SOLUTIONS The best solution to combat neighbor spoofing will be widespread adoption of call authentication using STIR/SHAKEN. Again, it does not prevent either robocalls or TDoS attacks, but it does make other prevention methods more effective. In the meantime, TransNexus has developed another technique that has successfully thwarted neighbor spoofing in certain situations. It involves flexible blacklisting based upon the SPID or OCN of the inbound calling number. Here’s how it works: When a service provider originates a call from one of its customers who is calling another one of its customers, that’s an on-net call. The service provider will route that call within its network. It will not leave that network, transit external networks, then come back into the service provider’s network. With flexible black- listing, the service provider examines calls entering its network from external networks. If it sees a call where the calling number is one of its own, the service provider know it must be neighbor spoofing. It then can either block the call or divert it to voicemail or an IVR. This method has been very effective in preventing robocalls and TDoS attacks. TransNexus offers a complete range of solu- tions to protect telecommunications networks from disruptive robocalls and TDoS attacks. These solutions have achieved remarkable results with our customers, transforming unhappy, frantic subscribers into happy users. p Donald St. Denis is product marketing manager at TransNexus. He can be reached at donald.stdenis@transnexus.com. Robocalls and TDoS Threats and Protection By Donald St. Denis