Overseas attacker swamped Telstra's triple zero service in attempted toll fraud

By on
Overseas attacker swamped Telstra's triple zero service in attempted toll fraud

The triple zero emergency service, which is operated by Telstra, was swamped by an onslaught of calls made by a hacker using a compromised telephone switching system, which led to a number of calls from genuine emergencies unanswered.

Telecommunication provider Vocus confirmed to CRN that the attack originated from one of its customer's compromised private automatic branch exchange systems (PABX), which had been hacked in an attempt to commit toll fraud. It is understood the hacker was operating from overseas.

“At 8.30am Saturday, Vocus was made aware of unusual inbound VoIP call activity to 000 call centres between 6.09am and 7.55am that morning,” a Vocus spokesperson told CRN.

The spokesperson said that pre-defined fraud filters meant that algorithmically generated attempts to dial international numbers failed and the attempt was aborted. Many of the calls happened to include the “000” prefix, which were routed to triple zero.

“Steps have been taken to prevent another such occurrence,” the spokesperson said.

“Toll fraud is a significant problem and can be complex and time consuming to resolve. Vocus takes fraud awareness very seriously and works closely with customers to assist them to keep their business safe from toll fraud attacks.”

Telstra, which holds a multimillion-dollar contract with the government to provide the call centre and connections to triple zero for all telcos, told Fairfax Media that it worked with the government, triple zero and Vocus to resolve the issue.

CRN has reached out to Telstra for comment.

The office of Minister for Communications Mitch Fifield told CRN that it has requested a report from the Secretary of the Department of Communications on the incident as well as the network outage that affected triple zero calls on 4 May.

A fire-damaged cable in regional New South Wales downed some of Telstra's mobile services on 4 May, also affecting triple zero.

According to a report from iTnews, Investigators from the NSW Rural Fire Services said the cable wasn't damaged by a lightning strike, as had originally been suggested, and they were yet to determine the actual cause of the fire.

“The Emergency Call Service Code, developed by industry body Communications Alliance and registered by the ACMA, requires carriers to ensure the protection of calls to emergency services when the triple zero operator identifies events like mass non-genuine calls,” a communications spokesperson told CRN.

“When carriers become aware of a significant network failure, the carriers are required to assess the failure, assess if customers were affected, then advise relevant carriage service providers that use its network, and inform the ACMA.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?