Telephone calls haven’t declined because we have become anxious or lazy. They’ve fallen out of favor because using the telephone feels mechanically ungainly as much as socially so.
The attacks targeted the DTMF algorithms, which converted user commands into actions, such as pulling customer bank records from databases.
Vulnerabilities in those databases could be exploited by speaking attack commands down the phone. In one instance, Sasi trigged a buffer overflow against a demonstration system.
More information on this from: DTMF Telephony Denial of Service (TDoS) Issues for IVRs
Since most of these attacks simply involves transmission of DTMF, they are very easy to execute and automate. These vulnerabilities could impact any IVR, whether it is TDM, VoIP, the latest UC, etc.
In 1986, the latest shift was “call waiting,” which Judith Martin compared to “standing at a cocktail party and not paying attention to the person you’re with, waiting for a more important person.” Now, of course, as we stand at that same cocktail party, fidgeting with our smartphones—which, despite rarely looking like something designed for speaking into, we not only talk on, but to (summoning the iPhone’s electronic concierge, Siri, for directions or the weather)—the interruptions that once occurred on the telephone line now occur in real time and space.