AA20-6

T-Mobile Outage Mistaken for Massive DDoS Attack on U.S.

Wireless carrier T-Mobile on Monday suffered a major outage in the United States that impacted service at other carriers as well, and it ended up being reported as a “massive” distributed denial of service (DDoS) attack.

The incident started around noon and continued to impact T-Mobile’s network throughout the day, leaving millions without voice and text service. For some, data connectivity was also impacted.

Hours into the outage, T-Mobile President of Technology Neville Ray took it to Twitter to announce that the carrier was working on resolving the issue, which spurred a long wave of negative responses from discontent customers.

“Our engineers are working to resolve a voice and data issue that has been affecting customers around the country. We’re sorry for the inconvenience and hope to have this fixed shortly,” he said.

Other carriers were also affected by the incident, but reportedly blamed the experienced technical issues on the outage impacting T-Mobile’s network.

In a statement on late Monday, T-Mobile CEO Mike Sievert said that the issue impacted customers across the country, noting that, despite recovery efforts, it would still take several more hours to fully restore services.

“This is an IP traffic related issue that has created significant capacity issues in the network core throughout the day,” he revealed.

According to Sievert, data services remained operational throughout the outage, but many users complained about their inability to access online services.

Some were quick to categorize the outage as a DDoS attack targeting major services in the United States, based on data from Digital Attack Map (an Arbor Networks service that monitors DDoS attacks) and outage aggregator Downdetector, and citing a tweet from @YourAnonCentral, which speculated on the source of the attack: “it may be China as the situation between South and North Korea is currently deteriorating.”

Matthew Prince, co-founder and CEO of Cloudflare, however, points out that the claims of the outage being caused by a DDoS attack are unsubstantiated, and says that the cited sources are unreliable (cybersecurity expert Marcus Hutchins does the same).

While DDoS attacks happen constantly, every day, there were no signs of a massive assault, based on the amount of traffic observed, and the fact that no major Internet service or platform reported anomalies, Prince notes.

“Except T-Mobile, which is having a bad day almost certainly entirely of their own team’s making. So, please, #hugops. And don’t worry, this is one thing that does not need to get added to the list of craziness that has been 2020,” he concludes.

FCC Chairman Ajit Pai has described the outage as “unacceptable” and says an investigation has been launched.

SOURCE: Security Week