Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

T-Mobile outage caused by configuration error, not a DDoS attack

T-Mobile

Rumors began circulating on Twitter yesterday that the U.S. was under a massive DDoS attack. It turned out to be an outage on T-Mobile caused by a configuration error.

It started with a tweet by an ‘Anonymous’ Twitter account that showed a “DDoS attack” map indicating that the USA was under a massive  DDoS attack allegedly from China.

It started to spiral downward with people quickly retweeting the information to the point that a US congressman retweeted the rumors of the attack.

Ted Lieu tweet

DDoS (Distributed Denial of Service) attacks occur when servers and cyber-systems are overloaded with more traffic and network requests than they are equipped to handle.

To evade detection and security measures, such as automatic IP blocks, DDoS attackers typically use a large army of bots, different IP addresses, and networking tactics to make it harder for systems to tell malicious traffic from legitimate individual requests.

These attacks result in the target systems being unable to respond or crashing altogether, therefore causing outages.

However, industry experts and security researchers immediately became skeptical whether these outages were indeed resulting from a DDoS attack, or was it a case of simple network change gone wrong?MalwareTech@MalwareTechBlog

So far no provide other than T-Mobile has declared they’re having issues (and T-Mobile hasn’t said anything about DDoS), but in 1 hour we’ve already gone from an Anonymous account tweeting a meme pewpew map to senators chiming in? Can we maybe pump the brakes and wait for info?2,309Twitter Ads info and privacy576 people are talking about this

Cloudflare CEO, Matthew Prince also tried to quell the rumors of DDoS attack via a series of tweets:

“There’s a lot of buzz right now about a “massive DDoS attack” targeting the US, complete with scary-looking graphs (see Tweet below). While it makes for a good headline in these already dramatic times, it’s not accurate. The reality is far more boring.” 

“It [started] with T-Mobile. They were making some changes to their network configurations today. Unfortunately, it went badly. The result has been for around the last 6 hours a series of cascading failures for their users, impacting both their voice and data networks,” Prince tweeted.

In the same Twitter thread, Prince posts detailed infographic generated by Cloudflare that shines a light on the “boring” reality of internet traffic.

An “outages” mailing list, used to report “failures of major communications infrastructure components having significant traffic-carrying capacity,” also only saw problems stemming from the T-Mobile network.

Needless to say, in these times of heightened anxiety from the pandemic and protests, the outage left over 110,000 T-Mobile users unable to make or receive calls, starting around 12 PM EST on June 15th.

T-Mobile outage map
T-Mobile outage map
Source: Down Detector 

T-Mobile’s President of Technology, Neville Ray tweeted, “Our engineers are working to resolve a voice and data issue that has been affecting customers around the country. We’re sorry for the inconvenience and hope to have this fixed shortly.”

“Teams continue to work as quickly as possible to fix the voice & messaging problems some are seeing. Data services are now available & some calls are completing.  Alternate services like WhatsApp, Signal, iMessage, Facetime etc. are available. Thanks for your patience.”

As of today, just a few hours ago, Ray has confirmed the issue is now resolved: “Voice and text services are now restored. Thank you for your patience as we fixed the issues. We sincerely apologize for any and all inconveniences.” 

This outage and the speed of its resolution certainly did not sit well with some of the telecom’s customers: 

Angry customer tweets

Outages like these reinforce our dependence on technology and the digital realm, and the inevitable responsibility companies have in ensuring their uptime, in addition to securing them from the latest threats and attacks.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us