I work as a telecom engineer troubleshooting/programming the Ciena 5164 optical router used for Verizon and At&t. These companies and many of my colleagues know exactly what it was but the more interesting part that raised some eyebrows was the fact that cc payment processing and emergency services/SOS/911 calls WERE possible for most of the affected customers. This is key. (This all runs on the same fiber optic network and should have been ‘down’ also.)
I cannot overstate how anomalous the above fact pattern is because when our networks go down, they don’t go down in this piecemeal way.
Here’s the takeaway: The goal of a ‘cyber weapon’ is maximum disruption. Whoever deployed (tested) this ‘cyber tool’ went to great lengths to pause communication ONLY. This surgeon scalpel approach we saw was a MUCH more difficult task than to just ‘nuke’ the whole system so to speak. A tool like this would need to be tested a few times to ensure a reliable partitioning of the ‘Target’ [calls/data] and the ‘Not Target’ [911/cc processing].
I'm a patriot who loves their country so I will not say what 'it' was/is, but if you reread the above a few times, and ask yourself the right questions, logical deduction should provide the answer.
White hats