A major nationwide communications provider (Bandwidth.com) is under a targeted Denial of Service attack that is affecting some part of calling for most customers nationwide. Unfortunately, there is nothing we can do to mitigate this attack as it is not hitting us directly. We must rely on their teams to remediate the issue. For direct updates you can subscribe to updates at https://status.servantvoice.com where we will post periodic updates. You can also read our emailed update from Monday to our Servant Voice and Servant 42 clients.
Who is affected?
In addition to being one of our primary carriers, Bandwidth is the backbone for most major communications companies from Microsoft Teams to Google Voice and smaller carriers like us in between. Upwards of 40% of the US’s service providers rely on Bandwidth.com for their voice and other services. This means that even if your own phone number is not housed with Bandwidth, it is likely that the person calling you is doing so from a Bandwidth number. We have seen several failed calls from Verizon and T-mobile related to this incident.
How long will it last?
The exact nature and identity of the attacker is not known; nor are their motives. Bandwidth is currently doing everything in their power to mitigate the DDoS attack as well as working with authorities. They are also posting their own updates at https://status.bandwidth.com
What are we doing?
We are investigating the feasibility of moving our Bandwidth numbers to alternate carriers. All new port request and phone number orders are already being completed on alternate carriers. As noted above, moving your numbers may not be sufficient to ensure service. It is only half of the equation. And there is no guarantee that the attackers will not move from Bandwidth to another provider as they have already done in recent months. We also sent out an email through our sister company that provides our support, Servant 42 (including our customers and theirs), on Monday evening September 27th, 2021, with some details and a description of the issue, which you can read here.
Where is this in the news?
Although coverage of these issues has been slow, likely because new information to report on has been scarce as Bandwidth.com has not made significant comment, we’re updating this post to add two recent news articles that mention it:
- Bandwidth.com is latest victim of DDoS attacks against VoIP providers (Bleeping Computer)
- DDoS assaults against VoIP providers continue (Tech Radar)
- A message from the Bandwidth CEO (added Tuesday afternoon)
- Bandwidth CEO confirms outages caused by DDoS attack (ZDNET, added Tuesday afternoon)
What can you do?
While incredibly frustrating, it is also likely that your customers and business associates are affected by the same attacks. That means they could be more understanding to requests for using alternate means of communications. We recommend using your social media, email and website to leverage alternative methods of communications. This may be email, tweets, website chat, Microsoft Teams, Slack and other forms.
We understand the importance of having working phones and appreciate your cooperation during this difficult time.
Sincerely,
David Szpunar
President, Servant Voice
CEO, Servant 42