I know for a fact that my life revolves around my phone. In the morning, I check the news and my email on it before I get out of bed to brush my teeth. During the day, I continue to check my email and I constantly send and receive text messages with my boyfriend. If I’m on the subway train or at the mall, I love to surf the web while I’m idle. Google Maps helps to make sure that I don’t get lost as I move around my city. In my home office, I’ll tether my work desktop to my phone for internet access. I use a lot of data! In the evening, I will often lay on the couch, phone in hand, watching Netflix, browsing YouTube, playing games online. At night I love to set my phone to my favourite podcasts as I drift off to sleep. Occasionally, like maybe once a week, I’ll receive a phone call. Sorry babyboomers.
I use my phone constantly for work, play, and leisure. It’s pretty much always on my person. I’m probably rather typical. So when about 32 million people in the UK lost the use of 4G and SMS on December 6th, I could definitely feel their pain. That’s a major inconvenience to people in their everyday lives, and also to many businesses which rely on their phones.
The outage affected O2 customers, and also customers of other Telefonica U.K. carriers, which include GiffGaff, Lyca Mobile, Sky Mobile, and Tesco Mobile. The common link is Ericsson’s Serving GPRS Support Node – Mobility Management Entity software. Ericsson was making changes to their Ericsson's Centralized User Database of subscribers. And what was the point of failure? An expired certificate. A singular machine identity. Really!
Ericsson wrote in a press release:
“During December 6, 2018, Ericsson has identified an issue in certain nodes in the core network resulting in network disturbances for a limited number of customers in multiple countries using two specific software versions of the SGSN–MME (Serving GPRS Support Node – Mobility Management Entity).
Börje Ekholm, President and CEO, Ericsson, says: ‘The faulty software that has caused these issues is being decommissioned and we apologize not only to our customers but also to their customers. We work hard to ensure that our customers can limit the impact and restore their services as soon as possible.’
An initial root cause analysis indicates that the main issue was an expired certificate in the software versions installed with these customers. A complete and comprehensive root cause analysis is still in progress. Our focus is now on solving the immediate issues.
During the course of December 6, most of the affected customers’ network services have been successfully restored. We are working closely with the remaining customers that are still experiencing issues.”
A “complete and comprehensive root cause analysis” will probably indicate that Ericsson has poor visibility of the certificates in their network. This huge outage indicates the terrible potential of expired certificates. Certificates are absolutely necessary for your security controls. But if you don’t monitor them carefully, not only do you expose your networks to cyber attack risks, you also risk terrible mistakes that can make millions of customers very unhappy.
Organizations and enterprises must be vigilant in their certificate use, because carelessness can have a massive impact.
The Venafi Platform helps you discover, track, and continuously monitor all digital certificates to proactively avoid certificate outages. Venafi also automates the entire renewal process so you can replace certificates in seconds across your global extended enterprise, regardless of CA.