Telstra DNS falls over after denial of service attack

4 years ago 203
BOOK THIS SPACE FOR AD
ARTICLE AD
telstra-shop-sydney.jpg Image: Asha Barbaschow/ZDNet

Customers with Telstra's default DNS settings found themselves seemingly unable to access the internet on Sunday morning, as the telco was facing a denial of service attack.

The attack kicked off some time before 10:30am on the Australian east coast.

"Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS)," Telstra said on Twitter just before noon.

"Your info isn't at risk. We're doing all we can to get you back online."

Customers that switched their DNS settings away from Telstra were able to mitigate the outage. At the same time, Telstra's own outage site was misbehaving and returning 502 errors on occasion, and at other times, returning 404 errors.

At 12:05pm, Telstra said it had a handle on the attack.

"We're blocking the malicious traffic attacking some of our services. We are confident we have blocked all of this malicious traffic and are working to get you back up and running again. Thanks for sticking with us," it said.

Telstra has been vocal in recent times about its DNS filtering capabilities, dubbed Cleaner Pipes, that are used to fight malware passing through its network.

The initiative focuses on blocking command and control communications of botnets, the downloading of remote access trojans, as well as other forms of malware. The telco said in May it is already blocking "millions of malware communications" when the traffic hits its infrastructure.

This action reduces the impact of cyber threats on millions of Telstra's customers including stopping the theft of personal data, financial losses, fraudulent activity, and users' computers being infected with malware. 

"We know many consumers and small businesses do not have the resources to adequately protect themselves," Telstra CEO Andy Penn said.

"Cleaner Pipes means we are able to more actively block cyber threats on our network that would compromise the safety of our customers' personal information. While it will not completely eliminate the risk, or substitute appropriate threat protection, it will contribute to significantly reducing the volumes and impact."

The initiative was recommended as a example that could be replicated by other telcos in the industry advisory panel report that is set to feed into Australia's upcoming 2020 Cyber Security Strategy. The report added there should be legislation to both back up the process and provide safe harbour provisions to give telcos certainty about the information they share with each other in responding to cyber threats.

Fellow Australian ISP iiNet suffered from a DNS outage at the start of the year. In that instance, the telco recommended users set their DNS to use a publicly available service such as Cloudflare's 1.1.1.1 service.

Once the outage was over, iiNet said users could revert to default DNS configuration.

Related Coverage

Bravo ACCC: Telstra begins flogging NBN overprovisioning as 15% speed boostTelstra is carbon neutral but found it hard to purchase Australian offsetsTelstra ditches 5G fee for users not on lowest tier planNBN now obligated to provide a minimum 25Mbps connection to AustraliansACCC corrects its video conferencing Critical Services Report
Read Entire Article