Our monitoring first detected the issue at 3:00:03pm US EDT (19:00:03 UTC) and we detected recovery starting at 5:47:49pm US EDT (21:47:49 UTC) for a total outage of 2h 47m. When I first called at 3:07pm the TAC was not aware of any issues. I opened a ticket at 3:15pm and the status page was first updated at 3:31pm. Quite a delay. Thanks for posting this, Bruce! I look forward to the COE/RFO, how it was mitigated, and how they hope to reduce the impact of DDoS attacks in the future. After this and the VoIP.ms DDoS, it begs the question who the bad actors are and what their goals are. Infrastructure attack? Misdirection? Telephony attack to end-around TFA for targeted individuals? US Government Red Team? Beckman On Sat, 25 Sep 2021, Bruce Freshwater via Outages wrote:
From the source
-bruce ________________________________ From: Joe DaSilva (Bandwidth Support) <ticketing@bandwidth.com> Sent: Saturday, September 25, 2021 6:06:53 PM To: Ben Beige <bbeige@sierraexperts.com> Cc: Telephony <telephony@sierraexperts.com> Subject: Your Bandwidth support ticket is updated (Connection issue on trunk)
Joe DaSilva (Bandwidth Support)
Sep 25, 2021, 6:06 PM EDT
Good afternoon,
Bandwidth is currently experiencing a DDoS attack which is intermittently impacting our network. Our network operations and engineering teams are actively engaged in critical efforts to protect our network and fully restore all services as rapidly as possible. We will be sure to post key information and updates to status.bandwidth.com as our efforts progress and we have additional information to share.
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman@angryox.com https://www.angryox.com/ ---------------------------------------------------------------------------