Yes, you read the headline right. And no, this outage isn’t the first of its kind. Ericsson, the Swedish multinational networking and telecommunications company, joins the list of organizations that have caused huge service outages for customers because of one expired security certificate. International telecom operators O2 and SoftBank (in the UK and Japan, respectively) fell victim to this gaffe on December 6th, which impacted connectivity for tens of millions of their subscribers around the world, leaving them frustrated.
So, what really happened?
Ericsson is the manufacturing company behind the back-end gears for many world-renowned cellular networks. A flaw in Ericsson’s management software that O2 and SoftBank use caused service outages for both telecom providers’ subscribers across the UK and Japan on December 6th. After analyzing the issue further, Ericsson found that the root cause of the software malfunction was an expired security certificate which affected many core network nodes.
The outage, which began around 1:39pm JST on Thursday, lasted around five hours for SoftBank network subscribers. O2 subscribers faced outages from 5am–9:30pm GMT on Thursday, when the 3G network was restored. The company reported that the 4G network was restored at 3:30am on Friday.
Considering how long the downtime lasted, many sources pointed out that the solution presumably involved certificate reissue to all the affected nodes, followed by a manual update of the software for every node. As an attempt to alleviate the trouble caused and reestablish its credibility in the market, O2 will compensate all affected customers.
Being proactive is the key
Security certificate renewal isn’t rocket science, but it is extremely critical. Tracking and managing the life cycles of security certificates or SSL certificates deployed to your software or web applications is of paramount importance when it comes to ensuring continued service uptime.
Renewing security certificates is a huge responsibility for IT administrators, especially at large organizations that have thousands of SSL certificates deployed on hundreds of servers. Imagine having to discover all the active SSL certificates in your organization manually, keep tabs on their usage, and renew certificates that are about to expire without missing even a single one. Managing certificates manually is extremely daunting and highly error-prone.
When it comes to certificate renewal, you have to be proactive. Everyone makes mistakes, but when it comes to business, you can’t afford to allow one oversight flush all your efforts down the drain. We at ManageEngine help you adopt a proactive approach to IT by crafting a diverse range of IT management software with a focus on making your job easier.
Key Manager Plus, our web-based SSH key and SSL certificate management solution, helps IT administrators gain complete visibility into their SSH and SSL environments. It provides them with centralized control and automates life cycle management—from acquisition and deployment to tracking renewal, usage, and expiration—for all certificates within an organization’s network.