TalkTalk and Post Office broadband customers hit by cyber attack

500,000 routers go offline as Mirai strikes again

Broadband customers of TalkTalk and the Post Office have been hit by a cyber attack that has left them with no internet connection. The incident happened after a similar attack on routers belonging to customers of Deutsche Telekom.

Interruptions of service had been reported since Sunday and have affected up to 360,000 TalkTalk customers and 100,000 Post Office users.

The attack is said to involve a variant of the Mirai worm. Several routers have been affected by the malware, including Zyxel AMG1302, which is used by the Post Office and D-Link DSL-3780 the latter in use by TalkTalk.

In a statement to the media, a spokesperson for the Post Office said: "We would like to reassure customers that no personal data or devices have been compromised.

Advertisement
Advertisement - Article continues below

"We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers. For those customers who are still having problems, we are advising them to reboot their router."

A spokesperson for TalkTalk said in a press statement that: "Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm.

"A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers."

Earlier this week, Germany's Deutsche Telekom confirmed that up to 900,000 of its customers had lost internet access because of the Mirai worm. No one has claimed responsibility for the attack.

Andy Green, senior technical specialist at Varonis, told IT Pro that lessons that should be learned from these ongoing Mirai attacks are just how "vulnerable we were as a result of our own IT laziness".

"Sure, we can excuse harried consumers for treating their home routers and IoT gadgetry like toasters and other kitchen appliances just plug it in and forget about it. So, what excuse do professional IT types have for this rookie-level behaviour? Not much!" he said.

Jean-Philippe Taggart, senior security researcher at Malwarebytes, told IT Pro that the leaked Mirai code, poorly secured remote administration on IoT devices, coupled with the recent availability of a Metasploit module to automate such attacks make for an ideal botnet recruitment campaign.

"So far, it seems the infection does not survive a reboot, but the malicious actors tend to disable access to the remote administration as part of the infection. This prevents the ISP from applying an update that would solve these issues. The botnet gains a longer life as user seldom reboot their routers unless they're experiencing a problem," he said.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019