Federal agencies are 'urgently investigating' whether the massive cellular outage that plagued Americans on Thursday was a cyberattack.
The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are on the hunt to track down what disrupted service for AT&T, Verizon, T-Mobile and a dozen other cellular providers.
While the agencies have not shared details, a security expert told DailyMail.com that the outage has hallmarks of a hack.
Lee McKnight, associate professor at Syracuse University in New York, said the widespread nature appears to be 'a massive Distributed Denial of Service (DDOS) attack on core Internet infrastructure.'
This type of attack attempts to crash a website or online service by bombarding it with a torrent of superfluous requests at exactly the same time.
The surge of simple requests overloads the servers, causing them to become overwhelmed and shut down.
McKnight, who is also an Affiliate of the Institute for National Security and Counterterrorism (INSTC), noted that DDOS is becoming a popular assault among cybercriminals.
He referenced the event in 2016, which saw the Mirai botnet bring down sites like Netflix, Twitter, Amazon and PayPal.
'Some of those were launched by "kids for fun", others by malicious actors, e.g. on Taiwan government websites when Nancy Pelosi flew there (hmm, wonder who),' said McKnight.
'Reality is you cant rent DDOS as a service attacks by the hour on the Dark Web, so who exactly might be behind it may never be fully known/attributed. DDOS stressers and booters are a thing.'
The professor had speculated a cloud misconfiguration could be the culprit, which means the outage was caused by human error.
'A major cloud service provider such as AWS or Azure experiencing an outage at one of their data centers is possible but less likely to be the cause in my opinion,' McKnight said.
'Back to the other services going down: if ATT business services for example are the primary business partner of other firms, their issues would affect their customers as well; at least until they could shift traffic to a possible backup service provider.
'But again this is speculation with limited information; and the first usual suspect remains human error/cloud misconfiguration.'
Cloud misconfigurations are gaps, errors and vulnerabilities that occur when security settings are poorly chosen or completely neglected.
Such mistakes can disrupt performance of a system or leave the cloud open to infiltration by adversaries.
This issue allowed Russia and China to ‘attack Google’ in 2018.
Data belonging to users across the globe was intercepted by servers in Nigeria, China and Russia - including those run by major state-owned telecoms providers.
However, it is unknown if hackers took advantage of Thursday’s outage.
DownDetector's outage map highlights New York, Boston, Washington, Montreal, Honolulu, Atlanta, Houston, Dallas, Los Angeles, Seattle and San Francisco as hot spots with disrupted service.
Cloud misconfiguration can happen in several different ways, such as unchanged defaults.
Some refer to unchanged defaults as an ‘elementary mistake,’ which is made by someone working with systems who did not change the default usernames and passwords.
Another is ignoring logs that collect information about the system’s security gaps, unauthorized access, breaches and other related items.
If the logs are not attended to in a timely manner, staff working on the system will become backed up with details that become difficult to correct.
However, it is unclear what type of cloud misconfiguration caused the outage or even if that was the issue.
AT&T has suffered data breaches in the last year with one in March that impacted nine million people.
In 2023, Ukraine’s top mobile service, Kyivstar, was hit by a cyberattack that knocked out services for half of the population, damaged IT infrastructure and put millions of people in danger of not receiving alerts of potential Russian air assaults.
But in the US, most hacks have stolen data and did not cause a cellular blackout.
AT&T fell victim to a solar flare in 1972 that interrupted landline services.
The storm that hit Earth was compared to the event in 1859 known as the Carrington Event, which saw the most intense geomagnetic storm in recorded history.
If such a solar storm were to happen in today's world, the effects would be catastrophic on our communications systems.
A meteorologist shared online that a solar flare had erupted from the sun around midnight on Thursday, noting that the ‘timing is interesting.’
‘Yes, there was a strong solar flare reported around midnight. But, is it connected to the cell phone outage? Not impossible and the timing is interesting, but not sure we can say that just yet,’ Justin Horne with Texas-based KSAT 12 posted on X.
However, the National Oceanic and Atmospheric Administration’s website showed a radio blackout occurred on the eastern side of Africa and below Asia.
A solar flare ionizes the lower levels of the atmosphere, which causes interference for long-range radios used by commercial airlines, military groups and government agencies.
The outage, which appeared around 4am ET, left many iPhones in SOS mode, leaving them unable to make phone calls, send messages or surf the web.
The 'SOS Only' indicator appears in the top-right corner of the control center with the latest iOS software and the top-left corner in previous versions.
However, you can make Emergency SOS calls to authorities.
Some cellular networks appear to be coming back online, but that still leaves many asking the million-dollar question of what triggered the massive outage.