TalkTalk and Post Office broadband customers hit by cyber attack

500,000 routers go offline as Mirai strikes again

Broadband customers of TalkTalk and the Post Office have been hit by a cyber attack that has left them with no internet connection. The incident happened after a similar attack on routers belonging to customers of Deutsche Telekom.

Interruptions of service had been reported since Sunday and have affected up to 360,000 TalkTalk customers and 100,000 Post Office users.

Advertisement - Article continues below

The attack is said to involve a variant of the Mirai worm. Several routers have been affected by the malware, including Zyxel AMG1302, which is used by the Post Office and D-Link DSL-3780 the latter in use by TalkTalk.

In a statement to the media, a spokesperson for the Post Office said: "We would like to reassure customers that no personal data or devices have been compromised.

"We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers. For those customers who are still having problems, we are advising them to reboot their router."

A spokesperson for TalkTalk said in a press statement that: "Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm.

"A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Earlier this week, Germany's Deutsche Telekom confirmed that up to 900,000 of its customers had lost internet access because of the Mirai worm. No one has claimed responsibility for the attack.

Andy Green, senior technical specialist at Varonis, told IT Pro that lessons that should be learned from these ongoing Mirai attacks are just how "vulnerable we were as a result of our own IT laziness".

"Sure, we can excuse harried consumers for treating their home routers and IoT gadgetry like toasters and other kitchen appliances just plug it in and forget about it. So, what excuse do professional IT types have for this rookie-level behaviour? Not much!" he said.

Jean-Philippe Taggart, senior security researcher at Malwarebytes, told IT Pro that the leaked Mirai code, poorly secured remote administration on IoT devices, coupled with the recent availability of a Metasploit module to automate such attacks make for an ideal botnet recruitment campaign.

Advertisement - Article continues below

"So far, it seems the infection does not survive a reboot, but the malicious actors tend to disable access to the remote administration as part of the infection. This prevents the ISP from applying an update that would solve these issues. The botnet gains a longer life as user seldom reboot their routers unless they're experiencing a problem," he said.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020