Cyberattacks beginning to affect mobile service too, study says

Distributed Denial of Service (DDoS) attacks are beginning to show up as a cause of mobile phone outages, according to respondents of a survey.

TED talks make that possible to do in a single sitting. Here are four talks that in just over an hour

The Spirient-commissioned report surveyed 54 global Mobile Network Operators (MNO), polling them on their experiences with outages and service degradations. It found that DDoS attacks showed up for the first time in this year’s report. For comparison, cyberattacks didn’t surface at all the last time researcher Heavy Reading conducted the survey for Spirient in 2013.

Spirient is a test and service management firm for MNOs.

Wireless phone networks have increasingly become all-IP, Spirient explains. Hence they’re open to the same kinds of problems as other networks—including cyberattacks. It’s a relatively new problem for the MNOs.

“The mobile communications ecosystem is an all-IP environment” now, Spirient says. That’s a change since the 2013 mobile network reliability report. Then it wasn’t all Internet-based.

Another change since the first report is that “network failures” have emerged “as the single most common cause of network outages.”

“Network failures are now the leading cause of mobile network outages, where physical link failures were the primary cause a couple of years ago,” Patrick Donegan, senior analyst with Heavy Reading, said in an e-mail briefing.

While the researchers include the radio access network, transport network and routing as being in the network failure category, and found those three to be the most problematic, Internet access is also in that category, as is the data part of the mobile core, data center networks and the applications for them. Those elements often had outages and degradations, too.

It’s due to “the increased volume and variety of complex protocol interactions in the mobile networks,” they reckon. The top spot two years ago was physical link failures. Those kinds of failures have been mitigated recently by fiber and better microwave creating redundancy, the study says.


Cyberattacks are now on the radar. A notable event that the report mentions was Croatia’s T-Hrvatski Telekom’s most-of-the-day mobile service shut down in September 2015. T-Hrvatski is a subsidiary of Deutsche Telekom. That outage was due to a DDoS attack.

Ironically, while it may be that MNOs are starting to see attacks on their own networks, those MNOs may have funneled DDoS themselves.

A new kind of mobile phone DDoS attack, launched by hackers, from smartphone ads was reported in September 2015. That attack, using JavaScript, was discovered by content delivery network and security firm CloudFlare. It discovered a DDoS attack that was creating 4.5 billion requests a day, targeting a client.

The advertisements, deriving from mobile phones in China, churned out 275,000 HTTP requests per second, according to The Register, who wrote about the attack at the time. The recipient website was unnamed.

Taking longer

Cybersecurity aside, other outage findings in the report is that there’s been a higher incidence of outages, and that they’re taking longer to fix, compared with 2013.

The most trouble-prone MNOs had at least 15 incidents a year, the study reckons. And MNOs in general are seeing more “incidents taking 48 hours or more to fix,” Donegan says.

“These outages will only increase in severity and frequency as video traffic and IoT place massive demands on network capacity,” John Baker of Spirent added in the brief.