ANACOM receives fewer notifications of security incidents

2021, similarly to what happened in 2020, was an atypical and demanding year in terms of the use of electronic communications networks, following the general lockdown duty due to the pandemic situation, which required situations of teleworking and online classes. However, the number of incidents and the average annual duration of unavailability of service reached the lowest values ever, corresponding to the trend seen in the last five years.

There was a significant reduction in the total number of security incidents notified to ANACOM by companies providing electronic communications networks and services: 38 security incidents, 41% less than the previous year and the lowest value recorded since 2015, as illustrated in Graph 1. The average annual duration per incident reached the lowest recorded in recent years, at 12 hours, a figure significantly lower than the 51 hours recorded in 2017.

Furthermore, no security incidents directly related to the pandemic were reported, largely due to the fact that companies adapted their networks to heavy traffic scenarios (particularly during periods of compulsory teleworking).

The 1st and 2nd quarters, with 66% of incidents, were the most serious in terms of the number of incidents received. The northern and central regions of Portugal had the most incidents in electronic communications networks and services.

Graph 1 - Volume and annual change in security incidents reported during 2015-2021.

Volume and annual change in security incidents 

Unit: Number of security incidents
Source: ANACOM

Of all the incidents reported in 2021, 47% were due to failure in the provision of goods or services by third parties, namely power supply failures or breakdowns in leased circuits. Also worthy of note are occurrences resulting from accidents or natural phenomena, which amount to 26% of the total incidents reported; maintenance or hardware or software failure, responsible for 24% of incidents; and malicious attacks that originated 3% of incidents. For the entire period, from 2015 to 2021, incidents that were due to causes associated with factors external to the sector accounted for a 75% preponderance.

In 2021, most notifications impacted two or more publicly available electronic communications services. According to notifications received, fixed telephony was the service most often affected, with 61% of total notifications received; followed by mobile telephony, with 58%; and mobile internet, with 39% of total notifications.

Over the last seven years, the three most affected services were, in descending order (Graph 2): fixed telephony (70%), mobile telephony (59%) and mobile Internet (42%). Fixed Internet, DTT and pay-TV were services affected, respectively, in 30%, 22% and 21% of notifications received.

Graph 2 - Distribution of reported security incidents for each type of service affected, 2015-2021.

Distribution of reported security incidents 

Unit: Number of security incidents
Source: ANACOM

Of the 20 security incidents that were notified due to the impact on the number of subscribers/accesses affected (thresholds), two were covered by the public disclosure obligation imposed on companies.

Regarding incidents that constrained users from contacting emergency call centres using the 112 emergency number, 9 incidents (i.e. 24% of the total) were recorded that affected access to the 112 call centres of the Public Safety Answering Points (in 2020 this impact had been observed in 32 of the reported incidents, i.e. 50% of the total).

Consult the statistical report: