Russia DDoS risk

Simon Woodhead

28th November 2024

Given rising political tensions and the news you will no doubt have seen, we have today put the network on a more defensive footing in anticipation of Russian-led cyber attacks against UK businesses.

As we’ve described over many years, Simwood has extensive DDoS filtering, but we’ve always been concerned that DDoS mitigation is simply an arms race over who has the most capacity, and it’s fair to assume that the Russian state has more than us. Accordingly, our planned strategy has always been to close down the network from the outside in, progressively reducing the internet-facing edge if it risks being overwhelmed. The ultimate destination here is that the network is closed to the outside world.

We’ve long implored customers to plan for this scenario by interconnecting with us directly, such that in the event of the internet-facing edge being down, customer service is maintained through private interconnects. However, as we learned during drills when the industry faced the previous round of DDoS attacks, many customers have ignored this advice, and in the event of our internet edge being closed they would face a loss of service. Pete would also like to remind you all, at this juncture, of your obligations under the Telecommunications Security Act (TSA), which would suggest that relying on basic public-internet connectivity alone would be considered a breach.

To address some of the risks, we put in place a secret availability zone hidden behind the might of ‘the cloud’ with whom we have private interconnects, such that those customers who are dependent on the internet-facing edge will maintain service. The IP addresses involved in this are not published in our interop, which we can reasonably assume could be in an attacker’s hands, but instead will be made available as a banner inside the Simwood Portal to authenticated customers over the next 24 hours.

The details for this availability zone will be different this time from last time, and those customers who will be affected by our internet edge being closed down are urged to take steps to be able to use them both as a destination for outgoing calls and to authenticate for incoming calls. While they will be live and able to handle calls even in the event of the network being fully open, we’d ask customers not to hard-configure these as a permanent destination for calls, because this availability zone is temporary and will be removed.

As another note, we again remind customers of networks’ obligations under the TSA which cover the specific circumstance of the UK having international connectivity severed and the requirement to operate with the UK as an island for 30 days. We’ve made a number of posts recently about “UK carriers” who have zero infrastructure in the UK, and those using them will face potential loss of service during such an eventuality. 

Of course, we hope all this is unnecessary, but prefer to make unnecessary preparations for the sake of end users than be caught off guard. We hope you’ll understand.
