CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

ENISA Report Outlines Incidents Causing Major Outages at Telcos

The European Network and Information Security Agency (ENISA), Europe’s cyber security agency, has released a new report outlining incidents that resulted in “major outages” at electronic communication networks or services in the EU during 2012.

The report provides an aggregated analysis of the 79 reported incidents of severe outages of electronic communication networks, or services during the year.

The European Network and Information Security Agency (ENISA), Europe’s cyber security agency, has released a new report outlining incidents that resulted in “major outages” at electronic communication networks or services in the EU during 2012.

The report provides an aggregated analysis of the 79 reported incidents of severe outages of electronic communication networks, or services during the year.

According to the Annual Incident Reports 2012:

• 18 countries reported 79 “significant” incidents, nine countries reported no significant incidents.

• Most incidents affected mobile telephony or mobile Internet (about 50%).

• Incidents affecting mobile telephony or mobile Internet also affected most users (around 1.8 million users per incident).

• Incidents caused by overload followed by power failures respectively had most impact in terms of number of users affected times duration.

• For most incident reports, as well as for the four services, (fixed and mobile telephony, and fixed and mobile internet) the root cause was “System failures” (75 %).

Advertisement. Scroll to continue reading.

• Hardware failures were the most common cause of “Systems failures”, followed by software bugs.

• Switches were the most frequent point of failure (e.g. routers and local exchange points) followed by mobile network home location registers.

• Root cause third party failure incidents, mostly power supply failures, affected around 2.8 million user connections per incident on average.

• Incidents involving overload affected around 9.4 million user connections per incident on average.

• Incidents caused by natural phenomena (mainly storms and heavy snowfall) lasted the longest: on average around 36 hours.

Some interesting incidents pulled from the report include

Overload caused VoIP outage – In the shift from a temporary to a permanent network solution, voice over IP service was disrupted for 400,000 users after the platform became overloaded as a result of too many simultaneous registrations of customer devices.

Faulty Upgrade halted IP-base traffic – An upgrade in a core router went wrong, causing a drop of all IP based traffic for the provider causing many services to go down, including the emergency number 112. This incident led to an outage of 17 hours affecting 3 million users.

DDoS attacks on DNS affected mobile Internet – A series of DDoS attacks targeted a provider’s domain name service. Up to 2.5 million mobile Internet users were affected during 1-2 hours. The attacking IP-addresses were tracked and blocked, the load balancing units were restarted and the traffic could be recovered. As post-incident actions additional DNS servers were installed, configuration changes were made on firewalls and hardware was expanded to withstand similar attacks.

“Reporting major incidents helps us understand what went wrong, why, and how to prevent similar incidents from happening again,” ENISA Executive Director, Professor Udo Helmbrecht said in a statement.

The full report can be downloaded here. ENISA’s 2013 report is expected to be published in the spring of 2014. 

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.