Although cyberattacks caused just 6 percent of significant outages of public electronic communications networks and services in the E.U. last year, they affected more people than hardware failure, a much more common factor in service disruptions, according to a report from the European Union Agency for Network and Information Security (ENISA).
Hardware failure accounted for 38 percent of all incidents and affected over 1.4 million users on average according to an annual incidents report released Tuesday by ENISA. By comparison, incidents that resulted from cyberattacks affected 1.8 million users on average.
Cyberattacks affected primarily Internet access and were the second most common cause for outages of fixed Internet service in particular, accounting for 20 percent of those incidents, ENISA said. They also accounted for around 13 percent of incidents that disrupted mobile Internet service.
The ENISA report compiles data on 79 incidents that occurred across 18 E.U. member states in 2012 and resulted in severe outages of both mobile and fixed telephony and Internet services. ENISA defines fixed Internet and telephony services as those offered through dial-up, DSL, cable, fiber, PSTN, VoIP over DSL and other wired networks.
Providers of electronic communication services are required to report significant network security and integrity breaches to national regulatory agencies, which in turn report them to ENISA and the European Commission. Nine countries did not report any incidents for 2012 and one country hasn't implemented reporting capabilities yet, ENISA said.
The agency organized incidents into five root cause categories, but also split them by more detailed causes. The root cause categories were system failure, third-party failure, malicious actions, human errors and natural phenomena.
The most common root cause for incidents that resulted in outages was system failure. This accounted for 76 percent of outages and included incidents caused by both hardware and software issues. Most incidents in the system failure category affected switches, including routers and local exchange points, and home location registries, ENISA said.
Third-party failures accounted for 13 percent of incidents, malicious actions accounted for 8 percent, natural phenomena for 6 percent and human errors for 5 percent. Some incidents fell into multiple categories, the agency said.
Incidents caused by natural phenomena -- storms, floods, heavy snowfall, earthquakes and other natural disasters -- and those caused by human error resulted in the longest outages, 36 hours and 26 hours on average, respectively. However, they affected relatively low numbers of users at 557,000 and 447,000 on average.
Outages that resulted from third-party failures affected the largest number of users, 2.8 million and lasted for 13 hours, while those caused by system failures lasted nine hours and affected 2.3 million users, on average.
Sign up for CIO Asia eNewsletters.