Deutsche Telekom Attack Part of Global Campaign on Routers

Deutsche Telekom attack part of global campaign on routers used to access of Internet services.

Deutsche Telekom attack part of global campaign on routers

Deutsche Telekom cyber attack on nearly one million routers used to access Internet services was part of a campaign aimed at Web - connected devices around the world, the German government and security researchers said on Tuesday.

The exposure of the German Information Security Agency (BSI) has raised concerns about the growing number of cyber attacks that interfere with Internet services by exploiting common vulnerabilities in widely used routers, webcams, digital video recorders, and other Web connectivity devices.

Security researchers say infections have spread to countries like Brazil, the United Kingdom and Ireland using technology that prevents millions of people in the United States and Europe from accessing Web sites such as PayPal Holdings Inc, Twitter Inc and Spotify on October 21.

This was a global attack on all sorts of devices," said Dirk Backofen, Deutsche Telekom security director. BSI said the German government network is targeting Sunday attacks on Deutsche Telekom customers, but the authorities have succeeded in keeping the system online.

Deutsche Telekom the largest telecommunications company in Germany, said that Internet outbreaks swept 900,000 users, about 4.5 percent of paid users.

Deutsche Telekom and the German government did not disclose any other victims, but Cyber security firm Rapid7 Inc said the attackers observed that they were trying to infect routers around the world.

Eir and Vodafone Group Plc, Irish operators in the UK, use routers vulnerable to the same kind of attack, said Tod Beardsley, Rapid7 security research director.

Flashpoint, the second US cyber security research firm, said routers infected Brazil, the United Kingdom and Germany.

Eir said in a statement that broadband modems from ZyXel Communications Corp in Taiwan are aware of potential vulnerabilities used by about 30% of Eir customers.

"We have deployed a number of device and network-level solutions to eliminate this risk," Eir said. The incident was reported to the Irish authorities.

Vodafone did not say whether the customer was infected, but said the attacker knew of a vulnerability in the router that would allow denial-of-service attacks.

Brazil's National Computer Emergency Response team was analyzing the impact of the attack on Brazil in an interview with Reuters, but did not mention how many computers were infected.

Mirai Botnet
The attack began with software called Mirai, which turns a large attack into a "bot" that remotely controls the attack of Web sites and computer systems by finding vulnerable connections.

Deutsche Telekom executives apologized for the blackout and said they provided details about other companies' network operators and security companies. Security experts said the issue was affected by Deutsche Telecom customers using three routers manufactured by Taiwan's Arcadyan Technology, which produced software patches distributed to users on Monday.

Acadian did not reply to Reuters' request.

Security experts say the blame for the attack may not be possible because the Mirai software was released on the Internet. Because it is relatively easy to use, hackers with relatively low skills can be blamed for subsequent attacks.

About Shahzad Memon


Post a Comment

Powered by Blogger.