Australian telco Optus tells lawmakers it had no plan to address total outage

 

Australia's second-largest telco, Optus, had no crisis plan when a network-wide outage left nearly half the country without phone or internet for 12 hours, an executive told parliament on Friday, acknowledging the company's defences had failed.

The Singapore Telecommunications-owned (STEL.SI) company had recently war-gamed scenarios in which the routers that direct voice and internet data failed in entire states, but it never expected a nationwide shutdown because it had alternate connections built into its network.

"We didn't have a plan in place for that specific scale of outage," Optus managing director of networks Lambo Kanagaratnam told a Senate hearing on the Nov. 8 failure that left much of the country unable to make payments, receive healthcare or contact emergency services for most of a day.

"It was unexpected. We have high levels of redundancy and it's not something that we expect to happen," he added, using the telecommunications term for alternate routes to send data when an initial pathway fails.

The comments underscore concerns about the resilience of Australia's telecommunications networks, which have been in the spotlight since a massive data breach at Optus last year exposed the personal data of 10 million Australians. Now the company faces a fresh reputational crisis after the service blackout, which it has said was triggered by a standard software upgrade at Singtel.

The Australian government has already imposed tougher cyber security reporting standards on telcos, and has said it plans to introduce mandatory reporting of ransomware attacks in all sectors as part of an overhaul of the country's cyber security laws to be announced this month.