Experts warned today that it is “possible” that Tuesday’s AT&T outage was caused by a cyberattack on US cellular infrastructure.
Customers in at least 24 states were affected by the outage, which included problems making calls to people on other networks and problems accessing the Internet.
But when police reported that customers were having trouble making emergency calls to 911, suspicion arose that something nefarious was happening.
Cybersecurity experts told DailyMail.com that when ‘for-profit threat actors target any opportunistic vulnerabilities; everything is possible.’
However, an AT&T spokesperson told DailyMail.com that “yesterday’s issue was not the result of a cyber attack” but was “related to interoperability between carriers, which has now been resolved.”
It comes after a major attack leaked the personal information of more than 70 million AT&T customers.
AT&T customers have reported problems making calls to 911 in several US states. At least 24 states are experiencing problems that began around 12:26 p.m. ET
Cybercriminals view 911 call centers as attractive targets due to the large amount of sensitive data the systems include.
Accessing that information is a major issue for public safety, meaning hackers believe the Emergency Services Sector (EES) would be more tempted to pay ransoms to ensure information remains secure and systems return to normal. function.
Customers complained that 911 was not working yesterday after AT&T mistakenly sent a wireless impact notification to emergency call centers, but a company spokesperson said services had been operating normally.
The spokesperson added: “We are working to correct a wireless impact notification that was sent in error to 9-1-1 call centers.”
With more than 241 million customers, “AT&T is a very desirable target because of its size and coverage,” said Alex Holden, founder and chief information security officer at Hold Security, a threat intelligence services company that monitors the dark web.
“We should learn from the example of the 2023 Russian cyberattack against Ukraine’s largest cellular service provider, Kyivstar,” he added.
The hack knocked out Ukraine’s largest mobile operator with 24 million users intended to collect intelligence information.
“This attack is a big message, a big warning, not only for Ukraine, but for the entire Western world to understand that no one is really untouchable,” said Illia Vitiuk, head of the cybersecurity department of the Security Service of Ukraine (SBU). . Reuters in December.
But Holden told DailyMail.com that yesterday’s outage was unlikely to be the result of a cyberattack because “nation-state threat actors are not looking to cause serious service disruptions as this can lead to an escalation of tensions.” between nations or even a war.
Despite this reassurance, the AT&T outages highlight how vulnerable the United States is to attacks, Alex Hamerstone, director of advisory solutions at cybersecurity company TrustedSec, told DailyMail.com.
“An attack designed to overwhelm networks, not just damage them, could have a huge impact,” he said, because by cutting off phone calls and the Internet, people would lose access to much-needed health care and transportation.
Many users threatened to leave America’s largest phone provider after yesterday’s blackout and expressed outrage that they will be required to pay their full bill after the second blackout in less than four months.
AT&T outages spread, with problems reported in Tampa, Atlanta, Houston, Los Angeles and Phoenix.
Hackers exploit mobile phone software and infrastructure to steal valuable data and, by targeting large businesses, could receive lucrative ransomware profits.
AT&T has suffered two extended outages this year, affecting tens of thousands of users across the United States.
The company was also hit by a major data breach in 2021 when hackers claimed they had stolen customer data from the service provider and threatened to sell the information, an allegation AT&T denied.
According to Hamerstone, an enormous amount of effort is required to maintain cell phone infrastructure around the world.
“In fact, I think a lot of people would end up being surprised that things work so often,” he told DailyMail.com.
Maintaining cellular infrastructure is a two-tier process, Hamerstone said, because workers need to keep the existing system up and running while continually improving, updating and expanding systems, networks and equipment.
This also includes improving the resilience of infrastructure to security threats.
He clarified that a cyber attack has the possibility of causing a cell phone to crash at any time, although ‘in general it is not the most likely’.
The major outage in February that affected not only AT&T, but also Verizon and Cricket Wireless, led the Federal Communications Commission (FCC) to open an investigation to determine whether it was caused by a cyber attack.
In April, the FCC opened an additional cybersecurity investigation after people in four states, including South Dakota, Nevada, Texas and Nebraska, were unable to make 911 calls.
“There are many things that can lead to service disruption, which can range from issues with physical infrastructure, challenges with updating the underlying code and human error,” Hamerstone said, adding: “Service disruptions are also much more notable as more and more of our daily lives depend on wireless communication.’
