Orange has probably not finished paying the price for the large outage that disrupted emergency numbers on June 2. A little over a month after the publication of the internal investigation carried out by the operator into the incident, a new report unveiled by the government on Thursday, July 22, evokes the dysfunctions of the company, both upstream and at the heart of the crisis.
The National Information Systems Security Agency (ANSSI) led this investigation, with the assistance of the general inspectorates of the ministries concerned and the Defense Electronic Communications Commission. A 40-page document, which attempts to unravel the circumstances of the blackout which prevented about 11,800 emergency calls from being completed on June 2 and could be linked to six deaths.
Broadly speaking, the authors of the report rule out a cyberattack as Orange did in its own internal audit released on June 11. ANSSI sees this as a combination of handling errors combined with a software bug, implicating the operator’s responsibility.
On June 2, at 4 p.m., Orange carried out maintenance on its voice over IP (VoIP) equipment, which allows calls to be made through an Internet connection. At 4.44 p.m. precisely, he changed the configuration of his call servers, technical equipment with which it is possible to interconnect the different calling technologies. This link is for example essential to reach, from its VoIP mobile phone, a landline phone connected to the PSTN network, the technology historically used to make calls to a landline without an Internet box.
The first incidents appeared within minutes. All calls going through Orange call servers, and not just emergency calls, were affected, with a high probability of not succeeding, details the report. If emergency calls have been particularly affected, it is simply because the vast majority of their processing centers are historically connected to the Orange PSTN network.
The breakdown therefore comes “Obviously [d’]an Orange error ”, which would in any case “Leads to failed appeals”, according to the authors. But to this has been added a software bug hitherto hidden in the company’s call servers. And this time it is its equipment supplier, the Italian company Italtel, which is in question.
You have 60.27% of this article to read. The rest is for subscribers only.