Attackers causing more outages - but hardware failures, storms still hitting Europe's networks hardest

Europe's regulators reported more cyber attacks as the cause of internet outages, but hardware failure still takes the top spot.

Deliberate online attacks are accounting for an increased number of outages in Europe's internet networks.

"Cyber attacks" were behind 20 percent of the outages in 2012, according to the annual incident report by the European Network and Information Security Agency (ENISA) — a dramatic increase from 2011, when they accounted for six percent of outages.

Cyber attacks are also behind a greater number of outages on mobile internet networks, causing 13 percent in 2013 compared to three percent in 2011.

Hardware failure was cited as the most frequent cause of unscheduled downtime incidents, however, responsible for 36 percent of outages in mobile internet networks last year and 35 percent for fixed internet networks.

The report provides an aggregated analysis of outages affecting fixed line and mobile network services that were reported by Europe's national regulators in 2012. Root cause categories included natural disaster, human errors, malicious attacks, system failures and third-party failures.

In all, 79 incidents were reported by 18 countries in 2012, with nine countries reporting no incidents — compared with ENISA's 2011 report, in which only 11 countries reported 51 incidents and nine reported none.

Looking at outages affecting fixed telephony, fixed internet, mobile telephony and mobile internet, the agency found that hardware failure was the most common cause of incidents in all four services at around 30 percent in each case.

Image: ENISA

In 2012, the second-most common causes of mobile outages were software bugs at 20 percent. Similarly, software bugs were the second-most common cause for fixed telephony outages, with over half affecting VoIP services.

While storms and heavy snowfall were behind relatively few incidents affecting any of the four services, their average duration at 84 hours and 72 hours, respectively, was much longer than cyber attacks, which on average resulted in a three hour outage.

Network overload affected the greatest number of users with more than nine million users on average per incident.

ENISA concludes in its report that mobile networks are the most affected by incidents in 2012, accounting for about half of all incidents, and affect the most users at around 1.8 million people per incident.