While organisations and millions of individuals across the country have been struggling to connect with the Telstra network and make triple-zero calls, government ministers have responded to the massive unplanned outage.
Communications Minister Anika Wells and Emergency Management Kirst McBain (who is also the acting Communications Minister while Wells is on leave) released a statement shortly after midday.
“The core Triple Zero system remains operational, with connected calls flowing as expected from carrier networks to the Emergency Call Person (ECP), and on to state and territory emergency services dispatchers,” Wells and McBain said.
“However, the Triple Zero Custodian has advised that some callers were unable to connect to the ECP, and that these are being investigated by Telstra.
“All telcos, including Telstra, have strict requirements in relation to welfare checks for disconnected Triple Zero calls, and the Triple Zero Custodian is in regular communication with Telstra to receive updates on the progress and outcomes of these checks.”
Wells and McBain said today’s key priority was to “get people back online and ensure any welfare checks are completed urgently”. In addition, the pair revealed that an ACMA investigation into the incident is in the works.
Earlier, LNP and Opposition Leader Angus Taylor suggested that the government had questions to answer regarding any link between the outage and missile tests carried out by the People’s Liberation Army Navy recently. According to Taylor, a potential link to PLAN operations is one of “many questions Australians are asking”.
We saw a provocative and unwelcome missile launch from the PLA yesterday, and I can understand why Australians are drawing that connection,” Taylor said.
“Now, I don’t know whether there’s any connection or not, I have no idea. But it’s no wonder Australians are starting to ask questions like that, including questions about triple zero and what’s going on there.”
Barnaby Joyce also suggested foreign interference may be the root cause, a claim that Wells said was not backed up by the available evidence.
“As a general principle, I think when it comes to matters of national security, you shouldn’t make stuff up,” Wells said.
“You’ve heard from the Telstra acting CEO, that there is currently no evidence to suggest that those things are the case, so I think it’s irresponsible.”
McBain also addressed reports that the shadow communications minister, Sarah Henderson, had been making “test calls” to the triple zero line. She called the minister’s actions “outrageous”.
But what was the cause?
As to the actual cause of the problem, Dr Wibowo Hardjawana, of the University of Sydney’s Faculty of Engineering, said the issue was likely homegrown.
“While still unclear, the problem appears to stem from software or hardware faults in core nodes,” Dr Hardjawana said.
“The vulnerability arises from the complexity of modern networks, which rely on tightly coupled software and hardware dependencies. A single fault or attack can disrupt the entire communication chain.”
Jason Pearce, Field CTO, APJ at cyber-physical security firm Claroty, said the outage illustrated how dependent Australia’s critical infrastructure is on mobile connectivity.
“In sectors such as transport, mining, utilities, manufacturing, data centres and healthcare, operational technology may continue running during a telecommunications outage, but organisations can lose the ability to monitor assets, receive alarms, coordinate field teams, authenticate remote access and respond safely to incidents. In some cases, that loss of oversight is enough to force a precautionary shutdown and can create a cascading effect across sectors that might appear unrelated,” Pearce said.
“Healthcare facilities face similar risks. While most critical medical and building systems should continue operating locally, mobile outages can disrupt ambulance coordination, on-call communications, duress alarms, remote monitoring, cold-chain alerts, facilities maintenance and community care services. The concern is often not that a device immediately fails, but that staff lose visibility of its condition or cannot respond when something changes.”
Pearce says the lesson to be learned is that even if an organisation has a fallback second service, it’s less than ideal if that service relies upon the same underlying carrier infrastructure. He did, however, say that while the outage may not be related to a security incident, the outage itself is a security issue.
“From a cyber risk perspective, outages can also create secondary exposure. When approved remote access, mobile authentication or vendor connectivity fails, teams may be tempted to introduce insecure workarounds to restore operations quickly,” Pearce said.
“For boards and executive teams, the key question is no longer simply whether critical assets will keep running if mobile networks fail. It is whether the organisation can still see, control and safely respond to those assets during a prolonged telecommunications failure.
“Today’s outage should prompt every critical infrastructure operator and healthcare provider to ask: which services would we have to restrict or suspend if our primary mobile carrier were unavailable for eight, twelve or twenty-four hours?”
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.