Posted on August 4, 2020 at 7:35 AM
Telstra’s DNS default setting was out of reach as the telco was facing a Distributed Denial Service (DDoS) attack. As a result, customers using the Telstra DNS default setting were not able to access the internet yesterday.
According to Telstra, some of the DNS used to direct online traffic were affected by the attack.
“Some of our Domain Name Servers (DNS) used to route your traffic online are experiencing a cyber attack, known as a Denial of Service (DoS),” Telstra pointed out on Twitter.
However, the company assured customers and users that it’s doing everything possible to return to normal service, and no user’s information is at risk.
Telstra said the issue has been fixed
Customers who were quick enough to move their DNS settings away from Telstra were able to minimize the lose
At the same time, the company’s outage site was malfunctioning and returning 404 errors on some occasions and 502 errors on other occasions.
However, Telstra said it had dealt with all the attacks and everything will soon return to normal.
The firm said it’s blocking and deleting the malicious traffic coming to some of its servers. Furthermore, it has successfully blocked all the traffic and hope to resume full service. Telstra also thanked its customers and users for having enough patience throughout the situation.
The firm said the large messaging storm that was seen as a DDoS cyber-attack has been investigated by the firm’s security team. After an investigation by the security team, Telstra is convinced that the attack was not malicious, but an issue with the domain name server.
“We’re sorry for getting in the way of your weekend plans,” Telstra said.
Telstra has spoken much about the capabilities of its DNS filtering service, calling it “Cleaner Pipes” used to block malware coming through the network.
The malware blocking tool prevents the downloading of remote access trojans, the command and control communications of botnets, as well as other types of malware. The firm revealed that it has already blocked millions of malware-based communications that almost hit its servers. According to Telstra, the malware blocking tool has been blocking malware and trojans for the past few months.
That action has minimized the effect of cyber threats on millions of customers, including preventing user’s computers from being infected, stopping fraudulent activities, financial losses, and stopping the theft of personal data.
The firm also said many small businesses and consumers don’t have adequate resources to protect themselves. With the firm’s full malware blocking tool, it has helped small businesses and other consumers prevent the malicious attack, the company reiterated.
Cleaner Pipes entails that the firm was able to prevent cyber threats on its network, which could have compromised the safety of its customers’ personal details. Although the tool may not eliminate the risk entirely or stand as more comprehensive risk protection, it will play an important role in eliminating and reducing the extent of the attack.
The initiative will also serve as an example or paradigm for other telcos, which can be copied and replicated in the industry.
Based on the report on the mitigation process, there could be legislation that could provide safe harbor provisions and back up the process to give telcos. It will improve the level of communication and information sharing with each other while responding to cyber-attacks.
At the beginning of the year, another Australian ISP iiNet was a victim of a DNS outage. Then, the telco asked users to make use of services like Cloudflare’s 188.8.131.52 service., which is publicly available. After the outage, iiNet asked users to revert to the default DNS configuration.