San Francisco, Jan. 14, 2014 – With “robocalls” increasing fifty percent in one year and Voice over IP services routinely commandeered in attacks that overload and extort money from critical public safety switchboards, the Messaging, Malware and Mobile Anti-Abuse Working Group is initiating a two-step, global effort to protect telephony services from criminal activity and abuse. A February workshop open to the industry, government and academia will focus on identifying key threats and actions to help reduce telephone services exploitation and a new M3AAWG special interest group will tackle the ongoing work of developing best practices, technologies and methods for mitigating phone-based attacks.
Telephony abuse has recently expanded beyond annoying automated telemarketing robocalls and today has become a public safety issue as it disrupts text, voice, video call, and messaging services. Consequently, the Voice and Telephony Anti-Abuse Workshop and the new M3AAWG VTA SIG are open to all services connected to the global public telecommunications network that use telephone numbers as a primary endpoint address.
According to complaints logged by the U.S. Federal Trade Commission, robocalls increased more than fifty percent in fiscal 2012, just in the United States. Other, more serious, telephony exploits are endangering public safety; for example, there are “swatting” extortion schemes where criminals use Telephone Denial of Service (TDoS) assaults to swamp fire, hospital or police call centers and prevent legitimate emergency calls from getting through. The assailants then demand a ransom payment to end the onslaught.
“Telephony is quickly becoming another Internet medium for cybercriminals to exploit as media-agile attackers integrate robodialing, text messaging, email, voice response, boiler room and Web attack vectors. Internet and telephony technology are converging, and inexpensive VoIP services are providing the accessibility and anonymity for national and transnational attacks. The Voice and Telephony Abuse SIG will tap into the proven collaborative methodologies and the expertise at M3AAWG that has successfully curtailed spam and malware as we focus on mitigating the increasing abuse we’re seeing with the convergence of the Internet and telephony,” said Alex Bobotek, M3AAWG Co-Chairman.
Vetted Attendance at Workshop and SIG
Both the workshop and SIG kickoff are being held in conjunction with the M3AAWG 30th General Meeting, which is February 17-20 in San Francisco. The February 20-21 workshop, hosted by the new VTA SIG, is open to approved telephone companies and mobile operators, ISPs, law enforcement, security vendors, academia, government and public policy officials, and other industry personnel interested in fighting telephony abuse. The initial VTA SIG kickoff working session is scheduled during the general M3AAWG meeting.
The SIG will leverage the organization’s decade-long experience in bringing together divergent industry partners in a vetted environment to develop collaborative practices that protect networks and end-users. It is being led by SIG co-chairs Bobotek and Mustaque Ahamad, professor at Georgia Tech’s College of Computing.
Industry professionals who are not M3AAWG members can find more information and request an invitation to the vetted Voice and Telephony Anti-Abuse Workshop at http://bit.ly/1fkskaI. M3AAWG members can request to attend the workshop on the meeting registration page accessible with login at www.m3aawg.org.
The four-day M3AAWG 30th General Meeting will offer three tracks and 40 sessions featuring presentations by leading experts on malware detection, DDoS attack prevention, mobile security, public policy issues, anti-abuse work in developing countries and other topics. The M3AAWG Hosting SIG and M3AAWG Identity Management SIG have organized working sessions to continue developing important industry best practices on related issues. A full-day of training includes courses on understanding mobile spam, the final Canadian Anti-spam Legislation (CASL) regulations, IPv6 and other sessions.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.
# # #
Media Contact: Linda Marcus, APR, 1+714-974-6356 (U.S. Pacific), LMarcus@astra.cc, Astra Communications
M3AAWG Board of Directors: AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; Mailchimp; Oracle/Eloqua; Orange (NYSE and Euronext: ORA); PayPal; Return Path; Symantec; Time Warner Cable; Verizon Communications; and Yahoo! Inc.
M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; CloudFlare; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Experian Marketing Services; iContact; Internet Initiative Japan (IIJ, NASDAQ: IIJI); LinkedIn; McAfee Inc.; Mimecast; Nominum, Inc.; Proofpoint; Scality; Spamhaus; Sprint; and Twitter.
A complete member list is available at http://www.m3aawg.org/about/roster.