Number 8-800, or how to go broke in one day

    Companies have recently been turning to modern, convenient ways of winning customer loyalty. One of the most common and, according to many, most effective is the toll-free "8-800" number. Buying such numbers and using them to stay in touch with consumers is gaining momentum. Naturally, a client is more likely to call a toll-free number than to pay out of pocket for the time spent waiting for the next specialist or manager to answer. But, as the saying goes, we all know where free cheese is found.

    Today we would like to talk about the other side of the “8-800” service: how excessive openness can simply ruin your company. In general terms, we will look at the problem of telephone security, or telephone DDoS.

    What is a telephone DDoS?

    Many have heard of the recent DDoS attacks on popular network resources. Some use them to fight competitors, others to fight political opponents; it does not matter. The problem of a sharp surge in traffic to network equipment has long been known, and by now there are more or less well-known ways of dealing with it. Recently, however, clients have increasingly been turning to us with the problem of DDoS attacks on telephone numbers.

    It looks like this. A competitor orders an attack on a company’s phone number. As a rule, every self-respecting company has a multi-channel number with a voice greeting and IVR set up. In essence, a multi-channel number is the ability to receive a certain number of simultaneous calls from external subscribers. But the number of such channels is still physically limited (for example, 30 channels).

    The most common type of attack is to place so many calls at once that the incoming stream is simply clogged: the PBX cannot process that many calls, and customers constantly hear busy signals. Since the IVR answers, the attacker simply hangs up after the first second and dials again and again. Telephone communication in the company is paralyzed. Moreover, the calling numbers can be completely different, including calls with no caller ID. Filtering out such calls is therefore extremely difficult.

    From words to money

    Now imagine a different situation. The company buys a 100-channel "8-800" number with a voice greeting. As a rule, telecom operators work with clients on a credit payment system: at the end of the month the company pays for the services actually consumed. In effect, the operator extends credit to the company. Each minute of an incoming call costs the company about 2 rubles (we average the cost across directions; it depends on the caller’s number). Billing is per minute, starting from the first second of the connection (or the fifth; we will see below why this is not so important).

    An attacker launches an attack of 70 simultaneous dialers, each call lasting 10 seconds; the call is still free for the caller. The voice greeting answers, and the money begins to “drip”. Conditionally, 350 such calls can be made per minute. That is 3500 in 10 minutes and 210,000 in 10 hours of work. Multiply this by 2 rubles and you get about 420,000 rubles in costs for one day of work. You can work out the figure for a month yourself. The director will be amused to see such a bill at the end of the month, won't he? And it is unlikely that anyone in management will notice these losses during the day, since the remaining calls still reach the call center and normal operation is not disrupted.

    Conclusions

    With this example we have shown that organizing telephone communications for a business of any size is a serious task, including from a security standpoint. In some of our past publications, participants in the discussion pointed out that setting up office telephony takes a couple of hours of work with Asterisk and a budget of 20,000 rubles for the "server". Yes, that is so. But it is important to control your expenses during the working day and to monitor the health of the telephone equipment. There are various mechanisms for this, including close interaction with the telecom operator, which will promptly flag such an attack.
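
    One way to watch for this pattern during the working day, as an added example that is not the authors' own tooling: it bills each answered call per minute from the first second at the article's 2 rubles and flags 10-minute windows dominated by greeting-length calls. The CDR shape (answer time, billed seconds), the 15-second cutoff, the window size and the thresholds are assumptions, and the sample records are constructed.

```python
import math
from collections import defaultdict
from datetime import datetime, timedelta

RATE_RUB_PER_MIN = 2.0          # the article's averaged price of an incoming minute
SHORT_CALL_SEC = 15             # assumption: "greeting only" calls end within 15 s
WINDOW = timedelta(minutes=10)  # assumption: review interval


def billed_minutes(billsec):
    """Per-minute billing from the first second: any answered call rounds up."""
    return math.ceil(billsec / 60) if billsec > 0 else 0


def scan(cdrs, min_calls=50, max_short_ratio=0.8):
    """Return (flagged_windows, total_rub) for (answer_time_iso, billsec) records.

    Caller ID is ignored on purpose: the article notes that attack calls come
    from arbitrary or withheld numbers, so only aggregates are reliable.
    """
    stats = defaultdict(lambda: [0, 0, 0.0])  # window -> [calls, short, rub]
    for answered_at, billsec in cdrs:
        ts = datetime.fromisoformat(answered_at)
        day = datetime(ts.year, ts.month, ts.day)
        window = day + WINDOW * ((ts - day) // WINDOW)
        row = stats[window]
        row[0] += 1
        row[1] += billsec <= SHORT_CALL_SEC
        row[2] += billed_minutes(billsec) * RATE_RUB_PER_MIN
    flagged = [(w, c, s, rub) for w, (c, s, rub) in sorted(stats.items())
               if c >= min_calls and s / c >= max_short_ratio]
    return flagged, sum(r[2] for r in stats.values())


def constructed_cdrs():
    """Constructed sample: normal 3-minute calls plus a 10-minute burst of 10 s calls."""
    t0 = datetime(2024, 1, 15, 9, 0, 0)
    normal = [((t0 + timedelta(minutes=5 * i)).isoformat(), 180) for i in range(24)]
    burst0 = datetime(2024, 1, 15, 10, 0, 0)
    burst = [((burst0 + timedelta(seconds=2 * i)).isoformat(), 10) for i in range(300)]
    return normal + burst


if __name__ == "__main__":
    alerts, total = scan(constructed_cdrs())
    for window, calls, short, rub in alerts:
        print(f"{window:%H:%M} calls={calls} short={short} cost={rub:.0f} rub")
    print(f"total billed: {total:.0f} rub")
```

    In the constructed data the 300 ten-second calls account for 600 of the 612 rubles billed in the flagged window, although each lasted a sixth of the minute it was charged for.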

    A reasonable question arises: how to deal with such attacks? Here we mean not only the 8-800 number but, in principle, any incoming channel. A voice greeting alone, as we showed above, cannot solve the problem, and in the case of an "8-800" number it is no solution at all. At one point customers came to us with the problem of attacks on their phone numbers: competitors were "having fun."

    As a telecom operator, we solved this problem in two stages:

    - we developed special algorithms for identifying an attacker even before a voice session is established, and the call was simply rejected,
    - together with an upstream operator, we identified the sources of the “spurious” traffic and partially limited them “from above”.

    After some time the attacks stopped, as they had simply become useless.

    Conclusion

    In conclusion, I want to note that large telecommunication companies and the various “Virtual Offices” will, in 99% of cases, not be able to help you: no law is being violated here, there are no illegal actions, and they simply let this traffic through as expected. So when choosing a service provider, always try to find out not only the financial terms (these are now usually the same for everyone) but also the level of support offered in various situations. Only an individual approach to the client makes for effective work by both the client and the operator.
