Malware causes for the first time the longest lasting incidents in Telecoms sector according to new ENISA report

Back to News

ENISA publishes today the sixth annual report about large-scale outages in the electronic communication sector.

The Annual Incidents report 2016 provides an aggregated analysis of incidents affecting the availability of services reported to ENISA and the European Commission under Article 13a, by the National Regulatory Authorities (NRAs) of the different EU Member States. Most incidents reported in 2016 involved mobile internet and mobile telephony connections, while the longest lasting incidents were caused for the first time by malware.

This year ENISA and the European Commission received 158 incident reports from NRAs regarding severe outages in the EU’s electronic communication networks and/or services which occurred in 2016. In total 24 countries, including two EFTA countries, reported significant incidents, while 6 countries reported they had no significant incidents. In general, there was a slight increase compared to last year’s statistics where reported incidents reached a total number of 138 incident reports.

Key findings from this year’s incident reporting include:

  • Mobile internet continues to be the most affected service: In 2016 most incidents affected mobile internet (48% of all reported incidents).
  • System failures are the dominant root cause of incidents: Most incidents were caused by system failures or technical failures (almost 73% of the incidents) as a root cause.
  • Malware is causing increasingly long lasting incidents: Incidents caused by malware, although there were not too many of them, had most impact in terms of duration and user hours lost.
  • Emergency services are affected by incidents: Same as last year, 20 % of the incidents affected the 112 emergency services.
  • Third party failures continue to affect a considerable part of the total number of incidents: 21.5% of all incidents were caused by third party failures, a significant increase from last year (15,2%).

ENISA’s Executive Director, Prof. Udo Helmbrecht, said: “This publication offers a unique insight into the resilience of Telecoms networks across Europe. Given the criticality of Telecoms networks to our daily lives it is important that ENISA reports on the monitoring of the resilience of these networks by the Telecom operators on a pan EU level and that we all learn from the previous years' experience. "

The annual report is a result of an EU wide incident reporting process which started in 2012, under Article 13a of the Framework Directive (2009/140/EC).The aim of the incident reporting scheme is not only to give an overview of services and network assets impacted and the root causes of the incidents but also to provide transparency to society and to learn from past incidents in the electronic communications sector in order to systematically improve the security of the networks and services.

For the full report: Annual Incident Reports 2016

For a comparative analysis of all the years of incident reporting: Annual Incident Reports 2016 - Annex

Background:

ENISA is permanently analysing the current threat environment and undertakes studies that address particular technical or policy related topics directly linked to the electronic communications sector. In the context of Article13a efforts, ENISA has been drafting recommendations for trending issues such as power supply dependencies and cable cuts caused by mistakes in order to provide a holistic and in-depth view to providers that need to assess risks, take appropriate security measures, and report about significant security incidents.

A group of experts from NRAs, called Article 13a Expert Group, meets with ENISA periodically -several times a year- to develop technical guidelines and to discuss the implementation of Article 13a (for example, on how to supervise the electronic communications sector) and to share knowledge and exchange views about past incidents, and how to address them.