A post mortem was received from Nets on July 10. Part of the text has been extracted from the provided PDF - in English following the Norwegian summary. Please send email to incident@criipto.com to receive the full report from Nets.
Grunnet en regelendring på en intern brannmur ble DNS trafikk for en rekke tjenester blokkert på morgenen 09.07.2019. Dette medførte at alle brukersteder som benytter internettkommunikasjon opp i mot BankID FOI fikk nedetid på BankID på mobil. Brukersteder som benytter Ekstranett kommunikasjon opp i mot BankID FOI opplevde ikke problemer med BankID på mobil. De som var berørt opplevde ustabilitet fra 10:05 – 10:22 og nedetid fra 10:22 – 13:03. Dette berørte 50% av total BankID på mobil-trafikk.
Signering med BankID 2.1 ble også berørt av hendelsen og var utilgjengelig 09:45 – 14:30.
En utsteders HA2 tjeneste var også berørt og nede 09:57 – 14:43.
Brukersteder som benytter E-ident og E-signing tjenestene opplevde også nedetid under denne incidenten.
Hendelsen ble løst ved å rulle tilbake regelendringen.
What has happened: A rule was implemented on the network firewall which resulted in some network traffic (DNS requests) being blocked on services that used the affected servers
When did the incident occur_:_ 2019-07-09 09:44
When did the incident end: 2019-07-09 14:35
Who was affected: _
BankID on mobile:_
instability from 10:05 - 10:22
50% unavailability from 10:22 - 13:03
All merchants communicating with BankID FOI at an internet line was affected. The merchants communicating at Ekstranett was not affected.
BankID Netcentric:
Signing 2.1 unavailability from 09:45 - 14:30
One HA2 service for one BankID issuer was unavailable from 09:57 - 14:43
What was the consequence of the incident: Outages on BankID as detailed above
Action/workaround to stabilise operation: After troubleshooting the network the following actions were taken to alleviate/fix the error:
Rule was added to allow DNS traffic - this partially fixed the issue
Erroneous rule was deleted - This completely resolved the incident
Duration of the incident:
0 days 04:51:00 hours