The lengthy outage of Optus’s internet and mobile services across the country could have been caused by the same issue that brought down Facebook two years ago, experts suggest.
Cloudflare, which tracks a range of activity on the internet, noticed a spike in Border Gateway Protocol (BGP) announcements from the telco coinciding with the time Optus’s network went offline.
BGP effectively acts as a roadmap for the internet, and the announcements tell the rest of the internet the easiest way to a particular location.
Matt Tett, managing director of network analysis company Enex TestLab, told Guardian Australia that while he was not certain of the cause, Optus appears to have had some failure in routing at 4am that caused an exponential increase in BGP announcements.
“This morning when I woke up, I just instinctively thought: it’s either a cyber incident or a configuration issue. And nine times out of 10 it’s a configuration issue when you have such a big issue like that.”
He said the company would probably have had to send an engineer to actually physically connect to one of the routers to get it working.
“Optus are probably trying to pinpoint who is responsible and determine whether it is them or someone else,” he said, adding that it could be a partner the company works with on service provision.
It brought down not just internet but also landline and mobile services, Tett said, because networks are now IP-based and when the internet protocol network has an issue, “absolutely, it will take down all their systems”.
Facebook, WhatsApp and Instagram went offline for five hours in 2021 due to an issue with BGP. Facebook at the time said it was a configuration change to the backbone routers that coordinate network traffic between the company’s datacentres – which had a cascading effect – that brought Facebook services to a halt.
In the case of the Facebook outage, it took a long time for the global company to fix the issue. Similarly, the CEO of Optus, Kelly Bayer Rosmarin, told the ABC that engineers at Optus had tried “a number of paths of restoration” to bring mobile and internet services back online, but “so far we have not had the results that we hoped for”.
“We had a number of hypotheses – and each one so far that we’ve tested, and put in place new actions for, has not resolved the fundamental issue.”
After Optus’s widely publicised hack last year, which resulted in the exposure of the personal information of 10 million customers, many minds immediately jumped to the possibility of another cyber-attack. But Bayer Rosmarin said it was “highly unlikely” the outage was caused by a hack, and that an outage of this sort was a “very, very rare occurrence”.
As one of three mobile network operators in Australia, Optus is keenly aware of people’s reliance on its network and the need for measures to ensure it stays up. Optus’s parent company, Singtel, said in its most recent annual report the company had “implemented key network infrastructure diversity” to prevent network disruptions and downtime.
Guardian Australia sought more information from Cloudflare and asked Optus about this specific issue, but has yet to receive a response.