Telstra Now Says Outage Wasn’t a Cyber Attack

Telstra Now Says Outage Wasn’t a Cyber Attack
Image: Getty Images

On Sunday thousands of Australians on Telstra’s home internet networks experienced outages. While Telstra initially claimed this was a cyber attack, it has now provided a different explanation.

Update 2:45pm

In a series of tweets on Sunday Telstra referred to the outages as a “cyber security attack” and stated its attempts to block “malicious traffic” was having an impact on its NBN services.

“Update: We’ve identified the issue and are working on it. Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS). Your info isn’t at risk. We’re doing all we can to get you back online,” Telstra said in a tweet.

Since then, Telstra has admitted that the outage was just a DNS issue and not a malicious attack. Fortunately, the telco also stated its NBN services are back up and running.

“This morning some customers in Victoria, NSW, ACT and Tasmania experienced issues accessing the internet. That issue has now been resolved,” a Telstra spokesperson said in an email to Gizmodo Australia.

“The massive messaging storm that presented as a denial of service cyber attack has been investigated by our security teams and we now believe that it was not malicious, but a DNS issue.”

Gizmodo Australia has asked Telstra why it initially believed the outage was the result of a cyber attack.

You can read our original story below:

According to Down Detector, Telstra home internet customers began experiencing problems at around 10:00am AEST on Sunday.

The locations with the highest issue reports are Melbourne, Sydney, Glen Iris, Essendon, Brunswick, Blackburn, Ashfield, Eastwood and Abbotsford

The issue seems to be impacting some of Telstra’s Domain Name Servers (DNS).  This was confirmed by Telstra in a series of tweets.

“Our team is looking into an issue impacting some home internet connections including nbn. We’ll keep you posted as we get on top of it. Sorry to mess with your Sunday plans,” Telstra said on Twitter.

The telco also confirmed the outage is due to a orchestrated Denial of Service (DoS) attack.

“Update: We’ve identified the issue and are working on it. Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS). Your info isn’t at risk. We’re doing all we can to get you back online,” Telstra said.

“We’re blocking the malicious traffic attacking some of our services. We are confident we have blocked all of this malicious traffic and are working to get you back up and running again. Thanks for sticking with.”

At the present time there’s no word on who initiated the attack or when the servers will be back to normal.

“We’ve identified a cyber security attack which is seeking to attack some of our services,” a Telstra spokesperson said in an email to Gizmodo Australia.

“We’re blocking that malicious traffic and, as a consequence, that’s having an impact on nbn services. When we’re comfortable that we’ve blocked all of the malicious traffic, we’ll get services back up and running.It’s important to note no customer information is at risk.”

What is a DoS attack?

A Denial of Service (Dos) attack a calculated assault on a website, network or server. The attack overwhelms the target’s server capabilities and makes it unavailable to other people or devices.

In other words, it makes the server go down, as we have seen on the Telstra network today.

Not all server failures are a DoS attack, though. For example, MyGov went down earlier this year due to too many people trying to access it at once. This was due to a lack of server capacity, which is not the same as a DoS because it was not an attack.

What is a DNS Server?

A Domain Name System (DNS) is basically the internet’s phone book. If you type in a website name, like gizmodo.com.au, DNS servers translate the name of that website to the IP address where it’s actually hosted.

How to change DNS Settings

Some Telstra users have managed to get back online by manually changing their computer’s DNS IP address to a public DNS, like Google’s. This strategy is often used when people have issues with online gaming or want to get around firewalls and geoblocks.

To change your DNS to Google’s, go into your router settings and find ‘DNS settings’. Go into manual settings and change ‘Primary DNS’ to 008.008.008 .008. Google also has a secondary server you can try – 8.8.4.4.