×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cyber Criminals Tying Up Emergency Phone Lines Through TDoS Attacks, DHS Warns

Soulskill posted 1 year,13 days | from the now-you're-just-being-jerks dept.

Communications 115

tsamsoniw writes "Emergency-service providers and other organizations are being targeted with TDoS (telephony denial of service) attacks, according to a security alert (PDF) from the Department of Homeland Security and the FBI, obtained by security expert Brian Krebs. TDoS attacks use high volumes of automated calls to tie up target phone systems, halting incoming and outgoing calls. Perpetrators are using the attacks to extort cash from target organizations, who receive a call from a representative from a purported payday loan company, who demands payment of $5,000 for an outstanding debt — usually speaking in an unspecified 'strong accent.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

115 comments

Police, Fire Brigade, Truncheon, Axe... (2)

flyingfsck (986395) | 1 year,13 days | (#43345919)

I can think of various interesting ways to handle these idiots.

Re:Police, Fire Brigade, Truncheon, Axe... (2)

Barryke (772876) | 1 year,13 days | (#43345941)

This just like a telephony call after ransomware. Its hard to know their address, they usually are foreign and call via VOIP gateways.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43346025)

Require VOIP providers to provide proper safeguards or stop operating (and having access) to any of the wired networks?
Seems like a fairly simple solution.
Alternatively make VOIP providers and their CEOs personally liable for such calls and it will fix itself.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43346109)

Except VOIP gateways aren't necessarily a VOIP provider/carrier. It could something as simple as a botnet of hacked ADSL+VoIP modems. And providers might have safeguards in place, but be hacked and reconfigured to allow the call.

That's like saying home users should be made personally liable if their PC is infected with a virus that adds it to a botnet and is used for a DDOS attack.

Re:Police, Fire Brigade, Truncheon, Axe... (1, Interesting)

andy.ruddock (821066) | 1 year,13 days | (#43346245)

That's like saying home users should be made personally liable if their PC is infected with a virus that adds it to a botnet and is used for a DDOS attack.

Or like saying a car driver should be responsible for the damage he causes if he crashes into another vehicle.

Oh.. wait..

Re:Police, Fire Brigade, Truncheon, Axe... (2)

wonkey_monkey (2592601) | 1 year,13 days | (#43346307)

No, it's clearly more like holding the owner responsible if someone steals the car and crashes it into another vehicle, isn't it?

Re:Police, Fire Brigade, Truncheon, Axe... (2)

andy.ruddock (821066) | 1 year,13 days | (#43347069)

Ok, yes, if the owner has left the keys in the ignition, the doors unlocked, and walked away leaving a big sign on the car saying "please steal me".

Re:Police, Fire Brigade, Truncheon, Axe... (1, Insightful)

oreaq (817314) | 1 year,13 days | (#43347391)

If you think the car door lock or ignition lock stops a motivated thief you are as clueless when it comes to car security as the PC owners are about computer security.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

tlhIngan (30335) | 1 year,13 days | (#43348579)

You would think a carrier could easily block VOIP originating calls to emergency services.
  Unless that information is lost by the time the call arrives at the carrier.
  There has to be an originating caller id - as this is who is charged for the call,
  certainly if the destination is not an emergency services number.

The question is - how do you know that VoIP call isn't from a local person needing 911 services? After all, a lot of people have dumped landlines in favor of VoIP lines. And stuff like Vonage make the house phone lines look a lot like landlines.

And in fact, until recently, 911 wasn't really handled properly by VoIP providers. And there's lots of VoIP providers out there - who's to say what's a legit VoIP emergency call and what's not?

If you think the car door lock or ignition lock stops a motivated thief you are as clueless when it comes to car security as the PC owners are about computer security.

Depends what you're trying to protect. The contents of a car? Not really - most thieves do smash-and-grabs (annoying to spend hundreds to fix when the thief made off with $20 worth of change and CDs).

The vehicle? Most modern ones have immobilizers (a lot of places make them mandatory - where I am in BC, Canada, all new cars sold must have immobilizers to get insured). In general, it's why carjacking became popular because hotwiring a car was no longer feasible, at least unless you weren't picky and went for an older model before the immobilizers were standard.

Yeah, there are car proxies that let you bypass the immobilizer, but that's pretty much saying unless you have perfect security, it's pointless. (Especially since most people really only need "good enough").

Re:Police, Fire Brigade, Truncheon, Axe... (1)

oreaq (817314) | 1 year,13 days | (#43349061)

Parent's implict argument was: Hold the victims of computer crime accountable because they didn't aply common sense to protect their computers like they would do (for example) to protect their car. He made this argument by describing how common sense meassures protect your car and the things in it from beeing stolen. I justed wanted to point out that this argument is wrong.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Osiris Ani (230116) | 1 year,13 days | (#43348093)

Ok, yes, if the owner has left the keys in the ignition, the doors unlocked, and walked away leaving a big sign on the car saying "please steal me".

Of course, because no otherwise secure system has ever been compromised by a zero-day attack.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

jythie (914043) | 1 year,13 days | (#43348783)

That would be the equivalent of holding a honey pot admin responsible for attacks coming form their system.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

yurtinus (1590157) | 1 year,13 days | (#43349165)

I think it's more like a bunch of guys on /. clogging up the tubes with poor analogies....

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43346321)

It's more like saying that a car driver should be responsible for the damage he unknowingly played a part in if someone else plants a bomb in his vehicle. You should not be responsible for things that you don't know about and that you could not reasonably be expected to find out about.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

andy.ruddock (821066) | 1 year,13 days | (#43347167)

"unknowingly" being the operative word here.
How many of these infections are caused by the user not having up-to-date AV software and blindly clicking on links in random e-mails?
You have to take some responsibility.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Anonymous Coward | 1 year,13 days | (#43347443)

The point is there is currently no reasonable, cost effective, fair method to decide if a user has taken 'sufficient' steps to secure their PC, especially if you are talking about someone just being one small part of a botnet.
To make this reasonable you would have to have (say) a government license to use any general purpose computing device, whereby your responsibilities are laid out to you and you show in some way that you understand them - similar to a driving license.

And we'd all love to have the government decide who gets to have a PC, wouldn't we?

Re:Police, Fire Brigade, Truncheon, Axe... (1, Flamebait)

Dishevel (1105119) | 1 year,13 days | (#43348459)

And we'd all love to have the government decide who gets to have a PC, wouldn't we?

You do not have to go through all that.
Simply bring back the command line. Have people run Linux. Make the computers a little more difficult to use. Just a little.
Make them think a tiny bit when hooking up to the internet. Daily.
Even if you removed licensing for cars the percentage of people that would go on the road with NO ability to drive would be small.
The number of people with no fucking clue how to read or not click a link that travel the information super highway is STAGGERING!
Make the barrier to entry higher and all will benefit.

Re:Police, Fire Brigade, Truncheon, Axe... (2)

DarkOx (621550) | 1 year,13 days | (#43346453)

I too have advocated the owners of machines should be responsible for its actions on the network. Someone does something bad from your open or weakly secured access point, you are at least liable for civil negligence claims. Someone makes your PC a botnet member and there is a ddos or spam incident, ditto.

I come down on side of end user owning the responsibility mostly because if the end users don't fix it someone like the DHS is going to fix it for them and the result will be another crony capitalism tax dollar give away, a strait jacket on everyone's freedom, and good bye to yet more privacy even for those who do choose to put effort into protecting that.

I am not sure the car analogies really work here. Not sure but I think there have heard some cases where owners of guns and cars have faced some civil liability for damages where they failed to secure them properly and they were used in crimes. So there may be some useful precedent there.

A better analogy though still stretched is to give the computer equipment some agency. Treat it like a large dog. If you have one and you leave it outside you'd better have a secure fence or some other way to keep it confined to your property. If the dog gets loose and does something unintended like bite someone you the owner have to be responsible for it.

Re:Police, Fire Brigade, Truncheon, Axe... (2)

Shavano (2541114) | 1 year,13 days | (#43346779)

A computer is not a car, nor is it a dog. But it's more like the car than the dog. It does not go do things by itself without human intervention. The human who commands it to do the illegal thing should be the only one held responsible. Holding individual owners responsible for staying ahead of an ever-increasing threat is absurd.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Anne Thwacks (531696) | 1 year,13 days | (#43346807)

You, sir, are not a true Marxist. Marx stated that machines only respond to the commands of their owners. This is the main justification for state ownership of stuff.

Re:Police, Fire Brigade, Truncheon, Axe... (4, Interesting)

DarkOx (621550) | 1 year,13 days | (#43347191)

Right a computer is not a car or a dog; the analogy is stretched in either case. I am not saying owners should be criminally culpable. Whoever made unauthorized use of the equipment should be. I do think they should be exposed to civil liability where their maintenance of the machine is found to be negligent.

A civil court would be free to decide for example that it appears your machine was pwnd by a zero day; and there is nothing therefore you could have 'reasonably' done so you have no responsibility for any damage it was used to inflict. OOTH your machine hasn't seen a patch in four years and your firewall is no-existent or configured so as to be nearly useless you could be responsible as you were negligent.

(here we go again another car analogy) Just like you'd be negligent if you left your car in neutral without the parking break applied and it rolled in to traffic while you were shopping. Sure we might blame the guy who gave it a push if he was known or could be found but in most cases its going to land in the owners lap.

I am not saying the analogies fit exactly or that its entirely fair but a few things are true:
1) Leaving an un-patched, unprotected box connected to the internet is a negligent (if not legally practically).
2) Something is going to be done about this issue now that banks and utilities are being DDOSed unless that stops;
3) Most of us won't like the something in 2
4) If you want individuals to take computer security seriously they will need to be either made to or to feel they are personally at risk if they don't.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Anonymous Coward | 1 year,13 days | (#43347511)

Right a computer is not a car or a dog; the analogy is stretched in either case. I am not saying owners should be criminally culpable. Whoever made unauthorized use of the equipment should be. I do think they should be exposed to civil liability where their maintenance of the machine is found to be negligent.

A civil court would be free to decide for example that it appears your machine was pwnd by a zero day; and there is nothing therefore you could have 'reasonably' done so you have no responsibility for any damage it was used to inflict. OOTH your machine hasn't seen a patch in four years and your firewall is no-existent or configured so as to be nearly useless you could be responsible as you were negligent.

Or we just make all PC owners everywhere throughout the land take compulsory insurance against third party attacks should their PCs or network become infected.

Cars already have compulsory insurance required by law.

Re:Police, Fire Brigade, Truncheon, Axe... (3, Insightful)

Runaway1956 (1322357) | 1 year,13 days | (#43347537)

Hmmm. Where do I fit into all of this? I run Linux Mint Debian. I've basically turned the firewall off, on the computer and at the router. No antivirus. But, I'm up to date with a rolling distro. Although I have three versions of Java installed, my browsers don't know about them. Flash is installed, and disabled by default. Javascript is disabled by default, but I can select sites on which to run it. In the unlikely event that I am pwned - how liable do you think I should be? Are my precautions adequate?

Re:Police, Fire Brigade, Truncheon, Axe... (1)

laughingcoyote (762272) | 1 year,13 days | (#43347557)

A civil court would be free to decide for example that it appears your machine was pwnd by a zero day; and there is nothing therefore you could have 'reasonably' done so you have no responsibility for any damage it was used to inflict. OOTH your machine hasn't seen a patch in four years and your firewall is no-existent or configured so as to be nearly useless you could be responsible as you were negligent.

Given some of the idiotic rulings on tech cases we've seen out of courts even at the highest levels with years worth of testimony to get a clue, do you really trust your local courthouse magistrate to make technical distinctions that fine? I sure don't. That's before you even get to the expectation that everyone who purchases a computer knows how to properly configure and maintain a firewall.

Just like you'd be negligent if you left your car in neutral without the parking break applied and it rolled in to traffic while you were shopping.

No, to stretch the analogy until it screams, it's more like you left your window down. Someone then reached into the vehicle, broke the ignition switch, took off the parking brake, put the car in neutral, and gave it a good push, rolling it into traffic. They shouldn't do that, whether or not you left your window down (or even if you also left the keys in the ignition), and it is their fault for misusing someone else's property in that way. You can still argue it's not a good security practice to leave the window down and the keys in the ignition, but that doesn't give other people a license to steal or misuse the car, nor does it make the owner rather than the interloper responsible if someone does.

Leaving an un-patched, unprotected box connected to the internet is a negligent (if not legally practically).

What about "developing and selling a highly vulnerable OS"? That's A-OK, but expecting the end users to be responsible when the product is flawed is reasonable?

Re:Police, Fire Brigade, Truncheon, Axe... (1)

jythie (914043) | 1 year,13 days | (#43348859)

And that cuts to the heart of the problem with such a system.. who decides what taking sufficient steps involves? People who support this idea assume that they or someone like them will be in charge, but chances are it would be a beurocratic mess which would involve certification of underlying components (like the OS), which would not make FOSS people very happy...

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43347593)

I do think they should be exposed to civil liability where their maintenance of the machine is found to be negligent.

So, you identify all (say) 500,000 owners of the PCs in a DDos botnet (a common sort of instance), have all their PCs confiscated and forensically examined and try to work out which were 'negligent'? Or you select a sample and 'make examples of them'? Or you bully them all into settling (guilty or not) with the threat of legal costs?
And do the OS/application suppliers get dragged in when their security blunders are partly/wholly to blame? If not why not - one zero-day from MS could allow the creation of an entire new botnet, doing far more damage than any one indivual's compromised PC. And if the OS providers etc. *are* liable it's probably goodbye to all FOSS, and massive price hikes and walled gardens for all proprietary OSs due to the legal liabilities.

Sounds great.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

DarkOx (621550) | 1 year,13 days | (#43348045)

No you don't do that. Its up to whoever feels they were wronged to sue the owners of the machines or not. Most people who get DDOSed wont do it. The time it work take to file all the discovery motions, collect the evidence and build a case would mostly be more than what they could hope to collect.

Yes the software vendors should absolutely be potentially on the hock to if you could show they made not effort to address security issues in a timely manor or knowing ignored security issues, etc.

You are trying to conflate the civil matters with the criminal ones. My argument is if your machine is used to damage mine I should be able to seek damages from you. Actually under current law I suspect I probably can. How successful would I be; probably not very. I would be happy to see some plaintiffs prevail though because I think it would do good thing for security posture everywhere and avoid draconian regulations that are coming otherwise.

   

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43347385)

Instead of holding PC owners liable, we disconnect those PCs from the network until their PCs can be proven to be clean. Some ISPs already do this, it's only a matter of time before we see some legislation mandating all ISPs do this or be liable themselves.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

BlackSnake112 (912158) | 1 year,13 days | (#43347127)

It should be on the user to make sure that their computer is clean. Claiming ignorance is hurting everyone.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43348601)

thats great and dandy but when I am up to date with the latest java update Im still vulnerable. So being "on top" of making sure my system is current I have unwittingly opened my computer up to a new attack vector because some software engineer was told by management that s/he needed to get this to market and be damned if its not secure. So, while I may be doing everything that i need to to do "stay safe" It is not me who is to blame when the software is the reason my machine was compromised. Another car analogy would be are the owners of cars with defective breaks responsible for the breaks when the company that made the car knew full well that they were faulty and still placed them on production cars? Nope its the car company that willingly put the defective breaks and still sold the car.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Dishevel (1105119) | 1 year,13 days | (#43348391)

They should.
Fuck them and their virus laden PCs.
If you can not make good decisions then fuck you and get your viral POS of my fucking internet.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43346113)

I see you have no clue as to how VoIp and modern telephony works. it is trivial to hack an account or even a block of accounts and hijack them for en-masse calling.

So put in your protections and all you will get is a lot of innocent people in jail. But it sounds like you are one of those morons that thinks more laws is the answer.

Ban guns and criminals wont have them! Because they will go "aw shucks! Guns are illegal, I cant use this for a crime!"

Re:Police, Fire Brigade, Truncheon, Axe... (2)

FireFury03 (653718) | 1 year,13 days | (#43346397)

Require VOIP providers to provide proper safeguards or stop operating (and having access) to any of the wired networks?
Seems like a fairly simple solution.

That's very similar to saying the solution to botnets is to require computer owners to provide proper safeguards. In short: completely unworkable. We're not just talking about big VoIP gateways, we're talking about anyone who has a VoIP device exposed to the internet. FWIW, I see a *lot* of SIP wardialling attempts on my Asterisk servers - in my case they all get given a "callee number invalid" response, but presumably there are enough misconfigured PBXes around to make it worth setting a botnet to work finding one that will allow anonymous callers to make PSTN calls.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

icebike (68054) | 1 year,13 days | (#43349541)

Require VOIP providers to provide proper safeguards or stop operating (and having access) to any of the wired networks?
Seems like a fairly simple solution.

Brilliant!
This is exactly what the motivation for these alleged attacks is.

Big Phone Providers annual back room meeting:

Lets kill this VOIP thing before it eats all of our monstrous profit margin. Let's see, how can we do that? Oh, I know, lets get the public all enraged about VOIP providers and see if we can regulate them out of business. We will hire a bunch of Kenyans and put them in some basement somewhere and use Voip to attack something to scare the Americans into regulating Voip either out of business or back into our hands. Brilliant. And then we will post the the "Solution" on Slashdot to get the sheeple thinking in the right direction. Good one! More caviar, and another glass of wine all around.

Re:Police, Fire Brigade, Truncheon, Axe... (3, Insightful)

mwvdlee (775178) | 1 year,13 days | (#43346033)

The money has to be deposited somewhere, and that somewhere may be traceable.
I understand that is how scam-/spam-gangs are traced.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Anonymous Coward | 1 year,13 days | (#43346093)

The money has to be deposited somewhere, and that somewhere may be traceable.

And this is where Bitcoin becomes an interesting option for ransom payments.

Re:Police, Fire Brigade, Truncheon, Axe... (2)

Big Hairy Ian (1155547) | 1 year,13 days | (#43346263)

You've obviously never tried to trace a fraudulent transaction though multiple jurisdictions :(

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43347353)

You've obviously never tried to trace a fraudulent transaction though multiple jurisdictions :(

I was under the impression that as far as the USA is concerned there is only one jurisdiction. :)

Re:Police, Fire Brigade, Truncheon, Axe... (1)

LordLimecat (1103839) | 1 year,13 days | (#43349965)

It can think that, but will find out otherwise when the Romanian institution in question gives the US the middle finger.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43347639)

That's where Interpol is supposed to come in, but there are countries which simply don't care like you said. Maybe we should trade sanction their asses into submission!

Re:Police, Fire Brigade, Truncheon, Axe... (3, Funny)

ExploHD (888637) | 1 year,13 days | (#43348657)

You've obviously never tried to trace a fraudulent transaction though multiple jurisdictions :(

It's simple really, just write a program in VB so you can backtrace it.

Unless they want good 'ol Western Union... (1)

sirwired (27582) | 1 year,13 days | (#43346411)

If they demand payment via Western Union, it cannot be traced, and I'm pretty sure $5k is under their max transaction amount.

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43346791)

The calls also originate somewhere (even if spoofed they have to have an origin so the phone company can connect it). Would be a shame if they got dropped off the network for abusing it.

Also messing with police/fire/infrastructure guys? As they said in batman the dark knight 'good luck with that'. Many of those guys are on a power trip anyway you are giving them an excuse to mess with you.

a lifetime of torture's too good for these bastard (0)

Anonymous Coward | 1 year,13 days | (#43346843)

Just start issuing letters of marque and indemnify anyone who takes it on themselves to correct the miscreants' antisocial behavior.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

LordLimecat (1103839) | 1 year,13 days | (#43349951)

And when that somewhere is "we-dont-care-what-the-FBI-says" China or Romania, then what?

Re:Police, Fire Brigade, Truncheon, Axe... (1)

zenopus (114516) | 1 year,13 days | (#43346419)

You would think a carrier could easily block VOIP originating calls to emergency services.
Unless that information is lost by the time the call arrives at the carrier.
There has to be an originating caller id - as this is who is charged for the call,
certainly if the destination is not an emergency services number.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

gmack (197796) | 1 year,13 days | (#43347917)

The fundamental problem is that the phone system is notoriously insecure and trusts the sending provider to show accurate information. All you need to do to spoof the calling info? A digital line.. this means that any office with a T1 or better and a digital PBX can spoof calls and worse yet VOIP services often let the caller set that info as well.

We all get to suffer because the telcos are too lazy to add egress filtering.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

cdrudge (68377) | 1 year,13 days | (#43350289)

You would think a carrier could easily block VOIP originating calls to emergency services.

How do you tell a legitimate emergency call from a VOIP customer from a malicious one also originating with VOIP?

Re:Police, Fire Brigade, Truncheon, Axe... (1)

Krojack (575051) | 1 year,13 days | (#43347015)

Yeah, my Asterisk boxes use to get slammed with brute force attempts left and right from foreign IP addresses, then I installed Fail2ban. Works wonders.

Re:Police, Fire Brigade, Truncheon, Axe... (1)

icebike (68054) | 1 year,13 days | (#43349459)

This just like a telephony call after ransomware. Its hard to know their address, they usually are foreign and call via VOIP gateways.

Which suggests that this is but another ploy to induce knee-jerk regulation of the VOIP industry, with the ultimate goal of forcing everyone back to POTS. Geee, who would want to do that, you say? Other than your nanny state Federal Government, and several telephone companies I can't think of anyone.

This is pretty much a non issue, because 911 calls in any area can instantly be re-routed to a different ACTUAL Phone number on the fly, a feature built into the 911 system to handle the possibility that the 911 call center gets overloaded, or hit by a tornado or something. (Just because you dial 911 does not mean there is an actual phone with 911 as its real phone number).

To the extent this DDOS is actually happening at all, (and the whole story doesn't pass the smell test), it seems more a orchestrated trial balloon aimed against private VOIP, asterisk, and the several thousand voip providers steadily dipping into
pockets of Big Phone.

 

Re:Police, Fire Brigade, Truncheon, Axe... (1)

findoutmoretoday (1475299) | 1 year,13 days | (#43346081)

It's a two stage ransom. The real one comes when my law firm sues idiots (on behalf of some client) for a lack of reaction, inadequate response, absence of redundancy, ....

Re:Police, Fire Brigade, Truncheon, Axe... (-1)

Anonymous Coward | 1 year,13 days | (#43346261)

I fully support tracking them like animals, torturing them for information on compatriots, saving a finger as a trophy, skinning off their face and delivering it to the appropriate embassy. In the case of foreign attack, just track and kill, impound digital media and on to the next. Serial black hat hunting, the new sport of Alpha Geeks. "They gave me the finger, so I took it".

Re:Police, Fire Brigade, Truncheon, Axe... (0)

Anonymous Coward | 1 year,13 days | (#43347293)

And my personal favorite, Sledgehammer.

"unspecified strong accent"... oblig.Monty Python? (2)

fantomas (94850) | 1 year,13 days | (#43345949)

"unspecified strong accent"

There must be a Monty Python reference here, because it sure ain't science....

Re:"unspecified strong accent"... oblig.Monty Pyth (1)

Anonymous Coward | 1 year,13 days | (#43346079)

It is probably this one [youtube.com] you silly english kniggets.

Re:"unspecified strong accent"... oblig.Monty Pyth (-1)

Anonymous Coward | 1 year,13 days | (#43346413)

Fetchez la cash ?

Re:"unspecified strong accent"... oblig.Monty Pyth (0)

Anonymous Coward | 1 year,13 days | (#43347339)

I will not buy this record; it is scratched.

Do you waaaaant...do you waaaaaaaant to go back to my place? Bouncy bouncy.

Re:"unspecified strong accent"... oblig.Monty Pyth (0)

Anonymous Coward | 1 year,13 days | (#43348849)

"unspecified strong accent"

There must be a Monty Python reference here, because it sure ain't science....

It's just an unspecified strong accent. Y'know, the generic kind. But strong.

Appropriate response (-1, Flamebait)

DoofusOfDeath (636671) | 1 year,13 days | (#43345987)

Tying up emergency services in order to extort money is one of the few crimes that may be worthy of death by torture.

Re:Appropriate response (3, Interesting)

BeerCat (685972) | 1 year,13 days | (#43346073)

What if it is being done by rival emergency services?

The automated telephone exchange was invented by someone who ran a fire brigade, and reckoned (rightly, as it turned out), that the switchboard operators were favouring his rival.

With increasing fragmentation, then the "best performing" one will be the one that can answer calls; by blocking a rival, they can't answer as many calls, and hence will appear to be performing less well (and hence will be shut down)

Re:Appropriate response (1)

Anonymous Coward | 1 year,13 days | (#43346125)

Sorry, am I correct in thinking you are saying you have RIVAL emergency services. Really?!

Re:Appropriate response (0)

Anonymous Coward | 1 year,13 days | (#43346255)

Sorry, am I correct in thinking you are saying you have RIVAL emergency services. Really?!

Because the FREE MARKET solves all problems!!!!

Just like you can never have too much rain.

Re:Appropriate response (1)

icebike (68054) | 1 year,13 days | (#43349609)

Sorry, am I correct in thinking you are saying you have RIVAL emergency services. Really?!

More likely the Phone companies themselves, who would like nothing more than to kill off independent VOIP providers.

Re:Appropriate response (0)

Anonymous Coward | 1 year,13 days | (#43346135)

What if it is being done by rival emergency services?

The automated telephone exchange was invented by someone who ran a fire brigade, and reckoned (rightly, as it turned out), that the switchboard operators were favouring his rival.

With increasing fragmentation, then the "best performing" one will be the one that can answer calls; by blocking a rival, they can't answer as many calls, and hence will appear to be performing less well (and hence will be shut down)

Hmm.. if you have sources for this the Wikipedia entries on telephone exchanges/switchboards and Almon Brown Strowger (inventor of the first automated) needs to be completely rewritten.

Re:Appropriate response (0)

Anonymous Coward | 1 year,13 days | (#43346367)

Actually it was invented by an undertaker whose competitors wife was the telephone operator.
http://en.wikipedia.org/wiki/Almon_Brown_Strowger

Re:Appropriate response (1)

DFurno2003 (739807) | 1 year,13 days | (#43346421)

"The automated telephone exchange was invented by someone who ran a fire brigade, and reckoned (rightly, as it turned out), that the switchboard operators were favouring his rival." Took me a bit of searching but I found it, He was an Undertaker. "According to legend, Almon Strowger, an undertaker, was motivated to invent an automatic telephone exchange after having difficulties with the local telephone operators, one of whom was the wife of a competitor. He was said to be convinced that she, as one of the manual telephone exchange operators was sending calls "to the undertaker" to her husband." http://en.wikipedia.org/wiki/Strowger_switch [wikipedia.org]

"strong accent" indeed... (0)

Anonymous Coward | 1 year,13 days | (#43346035)

I bet it isn't an English accent...

Re:"strong accent" indeed... (1)

dkleinsc (563838) | 1 year,13 days | (#43347213)

I bet it isn't an English accent...

Not necessarily: Most scammers are from the Third World, e.g. Yorkshire.

Back in the Days of the Square Wheel (-1)

smitty_one_each (243267) | 1 year,13 days | (#43346153)

We called this "war dialing". I guess that if you still use words, you sound amateurish.
Although, you can't spell "TDoS" without the letters in "o STD". *clap*

Re:Back in the Days of the Square Wheel (1)

DNS-and-BIND (461968) | 1 year,13 days | (#43346203)

Uh, no? Wardialing was dialing all the station digits in a prefix to find which ones answered with a modem. Or was this an intentionally stupid comment by a user with the +2 karma bonus?

Re:Back in the Days of the Square Wheel (0)

Anonymous Coward | 1 year,13 days | (#43346235)

C'mon, how could you get this wrong? Even MOVIES have gotten this correct (see WarGames) and they aren't known for their attention to accuracy!

If anything, war-dialing is the OPPOSITE of what the article is talking about!

TDoS is many 'phones' calling a single number to keep it blocked and closed.

War-dialing is a single 'phone' (MoDem in this case) calling many numbers to see which which ones answer and are open (And optionally to try and classify them; Voice, Fax, BBS etc.)

Pretty much dead these days but it's amazing how many open modem datalines are still out there!

Re:Back in the Days of the Square Wheel (0)

Anonymous Coward | 1 year,13 days | (#43346345)

TDoS is many 'phones' calling a single number to keep it blocked and closed.

Won't that be TDDoS ?

One phone calling single number to keep it blocked and closed = TDoS ?

Re:Back in the Days of the Square Wheel (1)

jon3k (691256) | 1 year,13 days | (#43348823)

No, because it's not many phones DISTRUBUTED, as in Distributed DoS (DDoS). It's just a piece of software that calls many times. It's not "distributed" in any sense of the word.

Trace the automated calls? (1)

invictusvoid (2882111) | 1 year,13 days | (#43346169)

Cant they trace where these "automated calls" are coming from? and get to the source? . AFAIK , DDOS attacks are run through a global network of compromised machines and hence are difficult to trace .. So is it a network of compromised phones now ?? When it's dark enough you can see the stars. -- Ralph Waldo Emerson,

Re:Trace the automated calls? (1)

petermgreen (876956) | 1 year,13 days | (#43347343)

So is it a network of compromised phones now ??

Don't think "phones", think "devices that are connected to both the phone network and the internet". PCs of users who kept their modems after switching to broadband for "backup" or "fax". VOIP exhanges (whether private or service provider operated) with PSTN gateway hardware, smartphones and so-on.

Re:Trace the automated calls? (1)

mabhatter654 (561290) | 1 year,13 days | (#43347681)

My opinion is that the telcos have too many cheap overseas cables being hacked. These are "inside jobs". Some unscrupulous telcos are selling their leftover call center volume on hard lines to the USA.

So they are "war dialing" from blocks that the telcos reserved for large company call centers, debt collectors, etc.. Those are lines with all the "spoofing" left on so YOU can't block the paying telemarketers and debt collectors. The telco can't cut them off because its the same lines companies pay lots of money for.

This typically isn't "hacked" somebody is selling it. The people operating the call center think they are answering calls PLACED TO THEM ... The wonders of integrated IP phones...

Re:Trace the automated calls? (1)

jon3k (691256) | 1 year,13 days | (#43348843)

Too hard to trace the source. Most of it is hacked PBXs. We should just do what we always do to catch them, just follow the money.

I want my $5000 (0)

Anonymous Coward | 1 year,13 days | (#43346191)

$5,000? Screw that, I want a fucking firetruck!

Computer crime, or cybercrime, refers to any crime (0)

Anonymous Coward | 1 year,13 days | (#43346195)

that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime.

Re:Computer crime, or cybercrime, refers to any cr (1)

CanHasDIY (1672858) | 1 year,13 days | (#43347691)

that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime.

Quick! to the USPTO! That'll fix 'em!

Manslaughter (1)

Anonymous Coward | 1 year,13 days | (#43346223)

If they are caught, these people should be held financially and criminally responsible for any emergency call that fails to go through. If anyone dies, I would think they should be charged with manslaughter at the least, but given that they intentionally tied up phone lines for emergency calls I would go as far as to call it premeditated murder.

Re:Manslaughter (1)

Stolpskott (2422670) | 1 year,13 days | (#43346253)

Throwing the book at them (preferably an authentic replica of the stone tablets that the 10 Commandments were written on) would be very satisfying, but arguing premeditation would be a challenge - there are definitely elements to the scam that suggest it could be made to stick, but the defence would also have plausible arguments.
Manslaughter or culpable homicide would be easier to argue for, and given that you would almost certainly be looking at more than one death, the results should amount to a similar time in gaol (jail, to the American-English speakers among us).

Bad headline (2)

anorlunda (311253) | 1 year,13 days | (#43346309)

The security alert linked in the summary says that the attacks were on the administrative lines of the emergency services, not the 911 lines. The summary and the Slashdot headline are bogus.

Re:Bad headline (1)

RandomUsername99 (574692) | 1 year,13 days | (#43346527)

Or, it might be deliberately spun that way to give people the impression that they are "putting the safety of the general public" at risk, which, I believe, is one of the unquestionable patriot-act definitions of terrorism?

Testing infrastructure weaknesses (1)

realsilly (186931) | 1 year,13 days | (#43347019)

I've read, heard about a lot of recent DoS attacks lately, from banks to power grids to government agencies and now to phone lines. I've seen my share of things that are systematically done to break something down, so I see all these attacks (some successful) as a strategic way for those who want to hurt us to prepare for the big hit. Just like corporations that are considered "Too Big to Fail", I think our US infrastructure has been built this way also. The more we interconnect to make things easier to manage, the more vulnerable we make ourselves.

Kill them all, no trial, just execution. (0)

Anonymous Coward | 1 year,13 days | (#43348053)

If I ever catch any of the sons of bitches who are responsible
for sending me spam, their own screams will be the last
sounds they ever hear.

Because Punking the Police is Such a Good Idea (1)

ClayDowling (629804) | 1 year,13 days | (#43350011)

Somebody may not have thought their clever little plan through as completely as they might have liked. The police have guns. And a lot of friends with guns. And a solid organized network for both communicating among themselves and with other departments, through multiple channels. I don't see this ending in a big payday.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...