2021-10-01

When hackers took down Bandwidth.com, Todd Brandenburg knew the massive implications that came with it.
"This really reveals a homeland security problem with our government," Brandenburg said.
As of Friday, Oct. 1, Bandwidth.com was reporting that its services were mostly fine, but certain local users were still reporting issues, including Walla Walla city offices.
Bandwidth provides back-end servers for telecommunications over the internet and is used by many large carriers.
The Union-Bulletin was also experiencing phone disruption because of the attack, but information technology workers with the U-B said phones appeared to be mostly working again Friday.
Despite Bandwidth.com reporting restored services, downstream carriers are still experiencing issues as of Friday.
Brandenburg is president of PocketiNet, a Walla Walla-based telecommunications and internet company, and he's not taking the cyber attack lightly.
"We're working diligently on that," Brandenburg said of his company's efforts for the 30 customers still affected by an earlier attack.
The attack, he said, is by unknown assailants who started going after companies that carry voice over internet protocol services, or VoIP.
The first big target was voip.ms. Then last weekend, the hackers attacked Bandwidth, one of the top VoIP carriers in the country. PocketiNet was hit by the voip.ms attack and is still experiencing ongoing issues.
Brandenburg guessed that the attacks are done by the same group, based on the similarity of strategy, but there's no way to be sure of that.
Bandwidth.com sits "upstream" of the companies that use its services, including Microsoft, Google and Verizon, some of the biggest companies in the world.
As such, Bandwidth.com was one of the most trusted VoIP carriers out there, Brandenburg said.
"Unfortunately, they're probably the most prepared for this type of attack," Brandenburg said. "But this brought them to their knees, even globally."
And what's even more bizarre, he said, is that nobody really knows who is behind this. Reporting has primarily been done by gaming or technology websites; major news outlets have all but steered clear of reporting on a hack that has crucial implications for the U.S. economy.
What makes this hit so concerning and especially nefarious, Brandenburg said, is that the attackers knew when to hit to make it sting the most. Other hackers in the past used their distributed denial of service — DDoS — attacks over long stretches of time, whereas this was specifically targeted at the peak of business hours on the East Coast.
DDoS attacks involve multiple fake users — or "bots" — sending multiple requests to one server, thereby overloading its capacity to handle more requests. So if your company phone number happened to exist on that server, it was likely not working because of the virtual traffic jam.
The technique started in the gaming industry, where hackers would force a player out of a game, but it's bled over into the business technologies world.
"This seems like a very determined and deliberate attack," Brandenburg said, adding that it points to a group with a good idea of how to hurt the U.S.
By pushing the right buttons, some of the largest companies in the world could be at the mercy of ransomware — a type of attack where hackers steal private information and hold it hostage — or DDoS attacks.
"There are government assets that are very well protected," Brandenburg said. "But we're talking about the commercial aspect of the economy ... The (U.S.) government is not doing its jobs to protect businesses."
Brandenburg said he'd seen the writing on the wall with this type of attack, pointing to a local hack in late 2019 where the Walla Walla County government was the victim of ransomware.
Brandenburg said he once approached a high-ranking government official to warn that the FCC must help improve the security of the nation's web-based services, but nothing's been done.
Hackers could be scooping up ransoms left and right, and nobody knows about it. Bandwidth.com in particular has been coy about who the hackers are and what they're demanding, Brandenburg said.
The voip.ms hack reportedly involved a demand for payment of up to 100 Bitcoins, equivalent to more than $4.1 million, according to technology industry outlet Silicon Angle.
Sometimes, the only option is to pay the hackers, Brandenburg said. But if the hackers take the ransom without ceasing the attack, what do you do?
The recent attack also showed how it can mess with regular business and government affairs. City of Walla Walla officials noted that Friday was the first day of people needing to pay their utility bills after the end of the state's moratorium on payments.
Multiple people were calling in to set up payment plans to avoid late fees, according to an email from city officials. The city encouraged people to use wallawallawa.gov or visit City Hall if phones were disconnecting.
In the meantime, Brandenburg said, businesses may do well to have multiple communication services, such as a 1-800 number that can reroute to another phone, such as a company cellphone or landline.
He said the telecommunications industry itself has failed businesses by not providing the ability to "port" phone numbers quickly, meaning they can't transfer the number to another phone or phone system without accessing the upstream server. A cellphone port for a private user can take minutes, but business phone numbers can take days to transfer, Brandenburg said.
"So that's an industry problem that, in my opinion, needs to be fixed right away," he said.
And what about more practical solutions like going "off the grid" or even switching back to a regular old landline?
"There's no safe harbor, anymore," Brandenburg said. Almost every single communications service is tied to the worldwide web, he said, and all of it is vulnerable to cyber attacks.
"It's a scourge on the internet," he said. "This is going to keep happening ... the biggest question is: Who's next?"
