Blog

The Netherlands’ Emergency Line Outage: An Illustration of the Importance of Network Visibility

Bartosz Urban | July 2, 2019

Network outages happen. We’ve all been there — we’re sitting at home, watching our favorite TV show on a streaming service, when suddenly the dreaded spinning circle indicates we’re cut off from the outside world. It’s annoying, but a sudden lack of connectivity can also have a catastrophic impact.

Stores, buildings, traffic lights, factories, emergency services, and entire cities now depend on connectivity to the internet. Network connectivity and stability have never been more important and, the way things are heading, it’s getting more and more crucial to keep the network up at all times. Lives depend on it — quite literally. In 2018, there were almost 4 million medical devices connected to the web, and the Internet of Medical Things shows no signs of stopping, making it increasingly more vulnerable to being attacked and misused. The threat of cyber attacks may become way more personal than anyone could imagine, with malicious software being sent directly to devices of specific people over the web.

At times, it’s simpler than that. Sometimes, it just takes a dead phone line and backups left unmonitored.

Last week, one of the biggest phone companies in the Netherlands experienced a countrywide outage. On June 24, the Royal KPN N.V. network went completely down for almost four hours, cutting off many services — not only home internet connections but also railroad signaling systems and, most importantly, the Netherlands’ emergency service number, 112 (the equivalent to 911 in the U.S.). Combined with extreme heat the country experienced at the time, the situation became very dangerous.

What made matters worse was misinformation. The authorities started sending out emergency messages directly to people’s phones through an NL-Alert system, but some people got multiple alerts at once, creating confusion, while some didn’t get anything at all. The messages were instructing people to contact a backup number on WhatsApp in case of emergency, but first alerts sent out had an error in the number itself, leading people to a local newspaper’s tip line. No one knew what was going on or what they should do if an emergency happened.

Police and firefighters went out on the streets to be more accessible to people, yet it was reported that at least one person died because the ambulance didn’t arrive fast enough. What made some citizens angry was the suggestion from a police social media account that in case of emergency they should “go to the station/hospital themselves.”

The outage was eventually resolved but public outrage and a nationwide discussion continues, leaving KPN in a sticky situation. First reports indicated that three separate shadow systems were backing up the main network, yet none of them worked properly, potentially because not enough care was given to monitor their state. It’s especially interesting, given that a similar outage of KPN services already happened in 2012, when construction workers cut off important fiber optic connections — according to reports, over 200 people couldn’t reach emergency services and two of them died as a result. Why would anyone neglect properly monitoring their network’s weak spots, especially when already given a chance to learn from a previous mistake?

There is speculation in the media that this might result in the government declaring that KPN breached their contract, which could result in hefty fines and splitting the national emergency line among other service providers. This would deal a huge blow to KPN’s strength in the market and undermine their importance in the Netherlands.

The key takeaway from this incident is that real-time situational awareness of business networks is crucial, not just for huge nationwide phone companies but also for any organization involved in managing critical infrastructure. When incidents like these happen, companies suffer both financial and reputational losses, so it’s important to reduce cyber risk as much as possible. Backup networks are meant to be less visible but it doesn’t mean we should give less care to them because, in an emergency, we could all suddenly find ourselves depending on the system we’ve been neglecting to save us.

To learn more about the importance of monitoring critical infrastructure networks, download this white paper.

Monitoring ICS Networks to Improve Operations and Security