Security experts have insisted that there is no evidence that the US was hit by a massive cyber-attack on 15 June, which led to outages for T-Mobile, Fortnight, Instagram, AT&T, Twitch, and Facebook Messenger.
Matthew Prince, founder of web security giant Cloudflare, which also specialises in DDoS (Distributed Denial of Service) protection, tweeted on Tuesday that “there’s a lot of buzz right now about a massive DDoS attack targeting the US, complete with scary-looking graphs”.
“While it makes for a good headline in these already dramatic times, it's not accurate. The reality is far more boring”, he added, referring to the US mobile operator T-Mobile that he claimed was “making some changes to their network configurations today”.
“Unfortunately, it went badly. The result has been for around the last 6 hours a series of cascading failures for their users, impacting both their voice and data networks”, Prince tweeted.
The expert also shared screenshots to illustrate that there had been no considerable increase in Internet traffic, which is a typical sign of a massive DDoS attack.
It starts with T-Mobile. They were making some changes to their network configurations today. Unfortunately, it went badly. The result has been for around the last 6 hours a series of cascading failures for their users, impacting both their voice and data networks. 2/X— Matthew Prince 🌥 (@eastdakota) June 15, 2020
Prince was echoed by cyber researcher Brian Krebs, who wrote on Twitter that he had found “no indication these outages are DDoS related” and that they “may be Sprint/T-Mobile issues related to a wonky update in the systems […]”.
I have found no indication these outages are DDoS related. Rather, there may be Sprint/T-Mobile issues related to a wonky update in the systems from the Sprint side to help merge with T-Mobile. Not sure what may be up w/ other carriers. See: https://t.co/jM6OAvmyfI https://t.co/WN1l8Fu1bp— briankrebs (@briankrebs) June 16, 2020
Expert on malware Marcus Hutchins, for his part, cast doubt on the initial wave of DDoS claims posted on Twitter by angry users.
"T-Mobile outage means everyone using them can't access any websites, leading to reports that Facebook, Twitter, Instagram are all down (they're not). Customers also can't call/be called by other providers, leading to reports other providers are down too (they're not)”, he explained in a post on his Twitter account.
T-Mobile outage means everyone using them can't access any websites, leading to reports that facebook, twitter, instagram are all down (they're not). Customers also can't call/be called by other providers, leading to reports other providers are down too (they're not).— MalwareTech (@MalwareTechBlog) June 15, 2020
He pointed to the DDoS attack map shared by the hacktivist group Anonymous, which shows a "random sample of global DDoS traffic badly plotted on a world map", something that does not mean that such an attack took place.
Forbes has, meanwhile, quoted Jake Moore, a cybersecurity specialist at ESET, as saying that "rumors spread like wildfire on the internet, and it's usually horror sounding stories like this that travel the fastest”.
He pointed out that “fact-checking before sharing is vital, but as it takes time, many people tend to just read a headline before sharing it, which adds fuel to the fire”.
The remarks came after T-Mobile CEO Mike Sievert confirmed that the company had experienced voice- and text-related troubles which "intermittently impacted customers in markets across the US”.
He assured that the firm has “hundreds of our engineers and vendor partner staff working to resolve this issue and our team will be working through the night as needed to get the network fully operational”.
This was preceded by Anonymous tweeting that the US was “under a major DDoS attack" and that the source of it is “currently unknown”.
“We speculate it may be China as the situation between South and North Korea is currently deteriorating”, the hacktivist group added, in an apparent nod to Pyongyang’s move last week to cut all communication ties with Seoul.
On Monday, Anonymous claimed responsibility for taking down the website of the Atlanta Police Department in the wake of the killing of Rayshard Brooks, a 27-year-old African-American man who was fatally shot during an encounter with two white Atlanta police officers last week.