
Cybrella Cyber-security Researchers Break Down The Recent Apple Outage

March 24, 2022


The affected servers and services included, but were not limited to, the development site, the App Store, iCloud, Siri, iMessage, iTunes Store, Apple Maps, Apple Music, Apple Podcasts, Apple Arcade, Apple Fitness+, Apple TV+, Find My, FaceTime, Notes, Stocks, and some internal applications.

All of the affected components, services, and servers were down for around two hours.

While the cause of the outage was still being deliberated, speculation had already begun surfacing on social media about a potential BGP attack or a cause of Russian origin.

However, security researchers have narrowed the cause of the outage down to a likely DNS-related issue, which Cybrella cyber-security researchers break down below.

The servers Apple owns and utilizes were redirecting developer.apple.com to a location affiliated with Akamai. However, Apple's DNS servers could not resolve the address affiliated with Akamai, likely due to a DNS zone conflict.

This has been observed before in the cyber-security field as a symptom of improper DNS configuration, and is being treated as such here.

The DNS servers were active and responsive during the outage but refused to serve records, which is another symptom of improper DNS configuration or a potential DNSSEC validation failure.

Due to the nature of the event and what is known thus far, cyber-security researchers believe the issue was caused by a DNSSEC validation failure on aaplimg.com.
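One way to tell these symptoms apart when triaging a similar outage, as an added example that is not from the original article or from Apple: decode the DNS response header and compare a validating resolver's reply with the reply to the same query sent with the CD (checking disabled) bit set. The category names and the sample replies are assumptions constructed for illustration, not captures from the incident.

```python
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def parse_header(msg):
    """Decode the fixed 12-byte DNS header (RFC 1035; AD/CD bits per RFC 4035)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {
        "ad": bool(flags & 0x0020),   # resolver says it validated the answer
        "cd": bool(flags & 0x0010),   # checking disabled was requested
        "rcode": RCODES.get(flags & 0x000F, str(flags & 0x000F)),
        "answers": ancount,
    }

def classify(normal, checking_disabled):
    """Compare a validating resolver's reply with the same query sent with CD=1.
    Each argument is raw response bytes, or None if that query timed out."""
    if normal is None:
        return "unreachable"
    n = parse_header(normal)
    if n["rcode"] == "REFUSED":
        return "responsive-but-refusing"   # server is up but will not serve records
    if n["rcode"] == "SERVFAIL":
        if checking_disabled is not None:
            c = parse_header(checking_disabled)
            if c["rcode"] == "NOERROR" and c["answers"] > 0:
                return "dnssec-validation-failure"   # data exists, validation rejects it
        return "servfail-other"
    if n["rcode"] == "NOERROR" and n["answers"] > 0:
        return "ok-validated" if n["ad"] else "ok-unvalidated"
    return "no-answer"

def _reply(flags, answers=0):
    # Constructed sample: header only, id 0x1a2b, one question, no message body.
    return struct.pack("!6H", 0x1A2B, flags, 1, answers, 0, 0)

# Constructed replies for illustration, not captured from the incident.
REFUSED = _reply(0x8105)        # QR, RD, rcode 5
SERVFAIL = _reply(0x8182)       # QR, RD, RA, rcode 2
CD_ANSWER = _reply(0x8190, 2)   # QR, RD, RA, CD, rcode 0, two answers
VALIDATED = _reply(0x81A0, 1)   # QR, RD, RA, AD, rcode 0, one answer

if __name__ == "__main__":
    for pair in [(REFUSED, None), (SERVFAIL, CD_ANSWER), (SERVFAIL, SERVFAIL)]:
        print(classify(*pair))
```

Against a live resolver, the two inputs correspond to an ordinary query and the same query repeated with checking disabled, for example with `dig` and `dig +cd`.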
