As you may know, the telecommunications industry has been struggling to mitigate the recent disruptions caused from malicious actors targeting upstream service providers. Partners and customers may have experienced issues ranging from failed calls to delayed audio and the inability to interact with third-party auto attendants. We have been tracking the issue closely and providing real-time updates to clients who have submitted tickets. Due to the duration and scope of these issues, we are contacting our partners via email to provide additional detail and context regarding the situation.
In short, VoIP providers rely on underlying services from organizations called CLECs. A CLEC is a Competitive Local Exchange Carrier, which are service providers that translate modern digital phone service across the legacy phone network. If you’d like to learn more details about how they work, review this wikipedia page.
One of the largest CLECs in the country, Bandwidth (NASDAQ:BAND), has been the target of a Distributed Denial of Service Attack (“DDoS attack”) which occurs when a threat actor in control of millions of computers - often infected by malware - attempts to overwhelm the resources of a website or application by sending malicious data or pretending to be legitimate users of the application. These attacks are designed to exceed the capacity of the targeted application or service which results in degraded performance or a complete loss of access or use. DDoS attacks - when conducted at significant volumes - are difficult for carriers to withstand and mitigate. Bandwidth.com is latest victim of DDoS attacks against VoIP providers (bleepingcomputer.com)
Because KloudTel and all other major voice providers are downstream from CLEC carriers, the ability of voice providers to mitigate interruptions to these services is limited. The public telephone system in the United State is designed so that phone numbers are mapped to a single carrier, and therefore, there is no inherent ability to create redundancy for inbound call routing. Because of this limitation, service providers like KloudTel are subject to the availability of services from CLECs delivering inbound calls and are limited in the ability to avoid related interruptions. This limitation is true for all voice service providers, and not unique to any single provider.
We do have the ability to control outbound call routing, and we provide redundant and high availability of outbound services. However, despite this redundancy, outbound calls may continue to appear to experience problems because millions of phone numbers are ultimately routed back through the affected carrier and would therefore be negatively impacted at that time.
While the attacks are still ongoing, and it is unclear how long they will continue and if there will be additional interruptions in the immediate future. We will update the status of this interruption on our site here KloudTel Blog and also through email.
Thank you for your partnership; please let us know if you have any questions to servicedesk@kloudtel.com.