Quelle: www.enisa.europa.eu

Die European Union Agency for Network and Information Security (ENISA) gibt einen jährlichen Bericht zu den IT-Vorfällen im Telekommunikationssektor heraus, die gem. Article 13a durch die Mitgliedstaaten an die ENISA zu melden sind. Der aktuelle Bericht zeigt einmal mehr auf, dass die Hauptursache von Systemausfällen nicht auf Cyber-Angriffe oder Schadsoftware zurückzuführen ist. Siehe etwas dazu auch den Bericht Power Supply Dependencies in the Electronic Communications Sector (2013).

Annual Incident Reports 2015
Analysis of Article 13a annual incident reports in the telecom sector

Executive Summary

For the fifth year, ENISA publishes the annual report about significant outage incidents in the European electronic communications sector, which are reported to ENISA and the European Commission (EC) under Article 13a of the Framework Directive (2009/140/EC), by the National Regulatory Authorities (NRAs) of the different EU Member States.

This report covers the incidents that occurred in 2015 and it gives an aggregated analysis of the incident reports about severe outages across the EU. This report does not include details about individual countries or providers. The aim of the incident reporting scheme is to provide transparency to society and to learn from past incidents in the electronic communications sector in order to systematically improve the security in the networks and services.

This report provides an overview on an aggregated level of what services and network assets are impacted and the root causes of the incidents. Conclusions on the main patterns of incidents are drawn, contributing to discussions at policy level on strategic measures to improve the security in the electronic communications sector.

The main conclusions from this year’s incident reporting are the following:

  • 138 major incidents reported: This year 21 countries including two EFTA countries reported 138 significant incidents that occurred in 2015 while 9 countries reported they had no significant incidents.
  • Mobile internet most affected service: In 2015 most incidents affected mobile internet (44% of all reported incidents). Mobile internet and mobile telephony were the predominant affected services in the previous years also, except for 2014 where fixed telephony was the most affected.
  • Impact on emergency calls: In 15 % of the incidents there were problems in reaching the 112 emergency services, a small decrease since the previous year.
  • System failures are the dominant root cause of incidents: Most incidents were caused by system failures  or technical failures (70 % of the incidents) as a root cause. This has been the dominant root cause for all  the reporting years so far. In the system failures category, software bugs and hardware failures were the  most common causes affecting switches and routers, and mobile base stations.
  • Human errors affected on average more user connections per incident: In 2015 human errors was the  root cause category involving most users affected, around 2.6 million user connections on average per  incident. The second place was taken by system failures with 2.4 million user connections on average per  incident.
  • Malicious actions are not focused on causing disruptions: the total number of incidents caused by malicious  actions dropped to 2.5% from higher previous values (9.6% in 2014). This may indicate that the malicious  actions are not necessarily aiming at causing unavailability of services, but might have other objectives.
  • Malicious actions started causing long lasting incidents: Incidents caused by malicious actions (e.g. DDoS),  although the volume was not high, had most impact in terms of duration, on average almost two days per  incident.
  • New services affected: TV broadcasting / Cable TV Networks (14%) and SMS/MMS (13%), public email (5%), IPTV (4,4%), VOIP services (3,7%) were the most affected services among the new ones that started being collected from this year.

These patterns need particular attention when carrying out risk and vulnerability assessments in the electronic communications sector.




Bereits im Bericht 2012 bzw. im Sonderbericht Power Supply Dependencies in the Electronic Communications Sector standen Stromausfälle an dritter Stelle als Ursache für Systemausfälle. Hier ist anscheinend in den letzten Jahren keine wesentliche Verbesserung eingetreten.


Auch wenn dieser Bericht klar aufzeigt, dass die Hauptursache für Systemausfälle im Telekommunikationssektor Systemfehler und menschliches Versagen sind, sollten die aktuellen Eskalationen nicht unterschätzt werden. Denn während die Folgen der hier aufgezeigten Ausfälle eher begrenzt bleiben, können durch schwere Cyber-Angriffe/-vorfälle Kettenreaktionen mit nicht absehbaren Folgen ausgelöst werden. Wie immer gilt auch hier ein sowohl-als-auch-Denken, bzw. die Ambivalenz, die zu beachten ist.