In 2015, incidents affected mostly mobile telephony connections (2.7 million affected connections), followed by mobile internet connections (2.5 million affected connections), fixed telephony (approximately 660 thousand affected connections) and fixed internet (approximately 350 thousand affected connections per service), the least affected connections being the audio-visual programme retransmission ones (approximately 140 thousand).

According to the data reported to ANCOM, last year, a security incident affected, on average, 22,773 connections. The average duration of an incident was approximately 4 hours, whereas the total duration of incidents reported in 2015 is 1,050 hours. The largest number of security incidents occurred in Bucharest, followed by the counties of Gorj, Teleorman and Dambovita.

 

26% of the incidents were caused by software or hardware system errors, human errors consisting of equipment misconfiguration or misoperation. However, a majority of 74% of the incidents were determined by external factors (e. g. power outages or accidental optical fibre cut-off, natural phenomena, stolen cable etc.).  

On the overall, approximately 40% of the incidents were caused by power outages. The highest number of incidents per month were reported in April (40 out of 281), most of which were generated by power outages.

 

90% of the reported incidents could have prevented or hindered emergency calls to 112, as most of the 2015 incidents affected mobile telephony services. Nevertheless, the users were able to call the emergency number if the call initiation area was covered by another mobile telephony provider or by other base stations in the network, unaffected by the incident.

 

ANCOM’s Report on incidents that affected the security andresilience of electronic communications networks and services in 2015 was drawn up based on the information transmitted by the providers for 2015, this being the third year in a row when the Authority collects the respective data, following the entry into force of Decision no. 512/2013, by which the providers have to obligation to notify ANCOM on the incidents with significant impact on the security and integrity of electronic communications networks and services, i.e. on those incidents that affected more than 5,000 connections for at least one hour. 

“For a more accurate image on the status of the security and resilience of electronic communications networks and services, we launched in April this year a questionnaire to the providers, by which we intend to assess the stage of implementation of security measures in the domain of incident management.  Based on the answers received, ANCOM will elaborate a report reflecting the providers’ approaches, and highlighting the best practices in the field, which could be applied by other providers, as well”, declared Eduard Lovin, ANCOM’s executive Director.

Furthermore, to support of the providers of electronic communications networks and services in their proactive effort of ensuring network security sand resilience, ANCOM published in 2016 a Guidebook for the implementation of security measures in the field of incident management.