Deutsche Telekom routers hit by cyber attack

Up to 900,000 Deutsche Telekom customers affected by hack on the German communications company

Hundreds of thousands of Deutsche Telekom customers were affected by what was said to be a failed hacking attempt on consumer router devices, Reuters reported.

Deutsche Telekom confirmed that around 900,000 customers had their broadband disconnected following the attempted hack of its hardware. This was around 4.5% of its customer base.

Customers experienced disruptions to broadband connections, including mobile line, TV or internet services.

The problems started on Sunday at 14:00 GMT and continued until Monday. Network monitoring website reported tens of thousands of complaints in different parts of Germany.

Advertisement - Article continues below

Deutsche Telekom head of IT Security, Thomas Tschersich told German newspaper Der Tagesspiegel that the issues experienced seemed to be connected to an attempt to make a number of customers' routers part of the Mirai botnet.

He said: "In the framework of the attack, it was attempted to turn the routers into a part of a botnet. While this was unsuccessful, the routers crashed in the attempt to take over."

Mirai is malware that attempts to turn network devices into remotely controlled bots. These bots can ultimately be used for large-scale DDoS attacks.

Jerry Goodman, vice president of the government systems division at communications company ViaSat, said: "This hack only further emphasises the weaknesses that exist in our increasingly connected world. In this case, consumers have been cut off from their internet, phone and TV, but it could've been worse."

Goodman added: "For instance, dedicated attackers could cut off not only residential internet, but traffic and train signals, or water and energy supplies. A sobering thought."

Telekom offered firmware patches for some of its routers on Monday, particularly two models produced by Arcadyan Technology.

Government sources told Reuters that German Security officials said the problem appeared to have been caused by hackers.

To customers experiencing problems, Deutsche Telekom suggest to unplug their router, wait 30 seconds and restart it. If the issue persists, it advised to disconnect the router from the network entirely.

Goodman said: "To protect against these attacks, organisations must assume that every single part of their network infrastructure is a potential vulnerability, and mitigate against this. For instance, by teaching both workers and customers best security practices; by monitoring systems to detect unusual behaviour and having their systems react before damage can be done; by controlling the access any one user or device has to critical systems; and by adding multiple layers of encryption, so that potential damage can be minimised."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Best antivirus for Windows 10

3 Sep 2019

Best free malware removal tools 2019

8 Mar 2019

Most Popular

identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019