Cyber Incident Victim: Cirrus Communications

On July 30, 2014, Australian fixed wireless provider Cirrus Communications experienced a distributed denial-of-service (DDoS) attack that disrupted more than 50% of its network operations for approximately one day. The attack targeted the company’s core network infrastructure rather than its edge radio equipment, impairing connectivity for business clients, apartment complexes, residential colleges, and military bases reliant on Cirrus’ last-mile wireless broadband services. As a specialized provider operating in metropolitan data centers and broadband-constrained remote areas, Cirrus’ outage directly impacted its advertised capabilities for delivering high bandwidth and multi-location connectivity. CEO Eric Heyde confirmed the network degradation during the attack period, noting operational struggles persisted in its immediate aftermath. By the afternoon of July 30 (15:30 AEST), restoration efforts had reduced the outage to “a couple of per cent” of the network, with Heyde stating the company was “very close to full recovery” at the time of reporting.

The incident’s scope extended beyond Cirrus’ direct customers, as reports indicated communications disruptions for other carriers utilizing the company’s infrastructure. Heyde declined to speculate on the attack’s origin during initial assessments, stating it was “too early to say where the attack came from” and offering no additional commentary on attribution. No technical specifics regarding attack vectors, traffic volumes, or mitigation techniques were disclosed publicly. Service restoration constituted the primary documented response action, with no references to law enforcement involvement, customer compensation, or pre-existing defensive measures in the available reporting. The disruption highlighted vulnerabilities in core network infrastructure critical to Cirrus’ value proposition of reliable connectivity for bandwidth-intensive environments.