900,000 Deutsche Telekom Routers Disabled by Massive Cyber Attack

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

A recent cyber attack on Deutsche Telekom hit 900,000 client routers across Germany, disabling Internet, television and phone access for hundreds of thousands of customers.

"According to our knowledge, an attack on maintenance interfaces is currently taking place worldwide," the company said in a statement. "This was also confirmed by the Federal Office for Information Security. Following the latest findings, routers of Deutsche Telekom customers were affected by an attack from outside."

"The attack attempted to infect routers with a malware but failed, which caused crashes or restrictions for four to five percent of all routers," the company added. "This led to a restricted use of Deutsche Telekom services for affected customers."

According to The Register, a modified version of the Mirai worm was likely the malware used in the attack.

The Local notes that Germany has been hit by several major cyber attacks in recent years -- in January 2015, a Russian hacker group took down German government websites for several hours.

German chancellor Angela Merkel told The Guardian yesterday that while she didn't know who was responsible for the attack on Deutsche Telekom, "such cyber attacks, or hybrid conflicts as they are known in Russian doctrine, are now part of daily life and we must learn to cope with them."

And German intelligence chief Hans-Georg Maassen said Russian secret services have been conducting attacks "aimed at comprehensive strategic data gathering" on computer systems across the country. "More recently, we see the willingness of Russian intelligence to carry out sabotage," he said.

STEALTHbits Technologies director of product management Brad Bussie told eSecurity Planet by email that the Internet of Things (IoT) will pose the most significant security threat in 2017. "IoT devices were not created with 'security first' and will represent significant targets for nation states as well as criminal hackers due to known and emerging vulnerabilities," he said.

And Lieberman Software vice president of product strategy Jonathan Sander said by email that the Mirai worm is to IoT attacks what the assembly line was to the industrial revolution. "Unlike an assembly line, though, Mirai is downloadable by anyone," he said.

While it looks like the attacker set Mirai up incorrectly in the Deutsche Telekom attack, Sander said. "Deutsche Telekom and others have a large challenge on their hands. Not every attacker will get Mirai wrong and save the day for them. And those years of warnings they and every other vendor have gotten about the poor security of IoT means they are years behind the problem."

A recent eSecurity Planet article examined four essential best practices for IoT security.