Power outage caused most security incidents in the telecom sector
20.07.2022
”According to the Authority’s data, in the context of the ongoing intensive usage of electronic communications services in 2021, security incidents decreased significantly compared to the previous year, by almost 30%, both in terms of their total number and in the number of affected connections. Services with the most subscribers – i.e., mobile telephony and mobile internet, – were less affected by incidents compared to the previous year, the security measures adopted in these segments proving positive effects on increasing network resilience. Power outage, as we have previously pointed out, tends to become the main cause of security incidents in the telecom sector: almost half of the incidents recorded in 2021 are related to power supply failure, either on the provider’s or on its partners’ side. On the other hand, telecom operators did not report to the Authority any significant cybersecurity incidents that could have impacted the content confidentiality, integrity or authenticity. Therefore, the landscape of the telecom sector in Romania shows that we are on solid ground in terms of network cybersecurity, which is not the situation when it comes to the power supply of equipment, and measures to prevent the recurrence of such failures have had very limited efficiency.”, said Eduard LOVIN, vicepresident of ANCOM.
Affected connections
According to the notifications received in 2021, five providers of public electronic communications networks or of publicly available electronic communications services reported 410 incidents with significant impact on the security and integrity of the electronic communications networks and services i.e., 30% less compared to 2020. These incidents affected a total number of approximately 8 million connections.
Last years’ trend continued, with mobile telephony and SMS connections being the most affected by significant incidents (3.3 million connections), followed by mobile internet connections (2.8 million connections), and fixed internet connections (approx. 520 thousand connections), while the least affected by such incidents were audio-visual programme retransmission connections (approx. 350 thousand connections affected) and fixed telephony transmissions (approx. 1 million connections).
The decrease in the number of connections affected continues in the categories of mobile services (-41%) and audio-visual programme retransmission services (-37%). However, concerning fixed telephony services, we witness an upsurge by 100% in the number of affected connections, in the context of the continuously dwindling number of fixed telephony connections.
The average number of connections affected by an incident in 2021 was 18,577, less than in 2020 (20,582 connections). However, an analysis by services reveals an increase in the average number of connections affected in the case of fixed telephony services and in the case of fixed internet services, and a decrease in the case of mobile services and audio-visual programme retransmission services.
The total duration of the incidents reported in 2021 was 2,276 hours and 44 minutes, on a sharply sinking trend compared to 2020 (3,339 hours), while the average duration of an incident was 5 hours and 30 minutes, similar to that of 2020 (5 hours and 48 de minutes).
Geographic distribution
Regarding the geographic area affected, in 2021, most incidents affected one county (225 incidents), a comparable number of incidents affected 2 to 10 counties simultaneously (183 incidents), while two incidents had a countrywide impact.
The counties affected by the highest number of incidents were Dambovita (43 incidents), and Teleorman (42 incidents), while the least affected by incidents with a significant impact in 2021 were Tulcea (4 incidents), or Braila and Vrancea (6 incidents each).
Affected resources
Concerning the resources affected, most of the incidents affected the transmission means (237 incidents), base stations and mobile controllers (116 incidents).
13 incidents affected several categories of resources concomitantly and – by contrast to last year, when most of these incidents were caused by natural phenomena (yellow and orange code warnings for severe weather, violent wind, heavy snow, blizzard), – in 2021 most incidents fell in the category External cause/Third party/Human error (road construction or water supply works carried out by third parties, etc.) and affected multiple categories of equipment, which were cut off from power supply.
ANCOM Report
ANCOM’s Report on the significant incidents that affected the security and integrity of electronic communications networks and services in 2021 was drawn up based on the data reported by providers and is available, in Romanian, here. The Authority collects such data based on Decision no. 512/2013, establishing the providers’ obligation to notify ANCOM on the incidents with significant impact on the security and integrity of electronic communications networks and services - i.e., incidents that affected more than 5,000 connections for at least one hour.