Is this the first case of a Distributed Denial of Physical Service?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Is this the first case of a Distributed Denial of Physical Service?
From: <tonyl@xxxxxxxxxx>
Date: 9 Dec 2003 14:50:40 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


Hi,

Please see:

http://www.theregister.co.uk/content/6/34388.html
http://www.cambs.police.uk/camops/press_releases/press_releases.asp?ID=1992

It appears that an individual has successfully socially engineered a 
distributed denial of physical service (DDoPS?).

A (hoax) email had been sent out to individuals informing them of their latest 
purchase and that their credit card had been charged accordingly.

As the individuals had not ordered iPods at £399.95, they were socially 
engineered into calling the customer service line given in the email.

This telephone number happened to be for the UK's Cambridgeshire Constabulary 
(police) Main Switchboard.

At the peak of this DDoPS, the switchboard was receiving 500 calls an hour, 
effectively denying the usual use of this telephone service.

It appears that a whole range of "systems" and processes may be vulnerable to 
this type of attack and raises some interesting points to consider...

Kind regards,

Tony Langley
Systems Architect
S2S Limited

Follow-Ups:
- Re: Is this the first case of a Distributed Denial of Physical Service?
  - From: Nick Johnson

Prev by Date: BNCweb File Disclosure Vulnerability
Next by Date: MDKSA-2003:113 - Updated screen packages fix buffer overflow vulnerability
Previous by thread: BNCweb File Disclosure Vulnerability
Next by thread: Re: Is this the first case of a Distributed Denial of Physical Service?
Index(es):
- Date
- Thread