Hack attack hits nearly 1 mn of Deutsche Telekom customers' routers
30 Nov 2016
An attack hit nearly 1 million home internet routers of Deutsche Telekom AG customers, and knocked them offline, in the latest in a string of similar events that had revealed vulnerabilities in home devices connected to the internet.
Deutsche Telekom, which counted 20 million fixed line customers, said the attack which started Sunday attempted to infect the routers with malicious software. According to the company, in about 5 per cent of the routers, the virus caused the devices to malfunction, interrupting internet service.
Most of the affected routers were back online as of Tuesday evening, Deutsche Telekom spokesman Stephan Broszio said. The company instructed customers to reboot the machines to download a software patch. It had not yet been able to track the culprit.
The attack used a variant of the Mirai code that had been used in other attacks, according to the SANS Institute, a cybersecurity research group.
According to security experts, the Mirai software had infected millions of network routers, digital video recorders and other connected devices around the world in recent months.
The code worked by exploiting factory-default passwords that most device owners never changed. The software then used its control of the gadgets to flood other websites with junk traffic, in what is known as a distributed denial of service (DDOS) attack.
The same technique was deployed in an on 21 October that denied access millions of people in the US and Europe to websites including PayPal, Twitter and Spotify.
"This was not an attack against Deutsche Telekom. It was a global attack against all kinds of devices," said Dirk Backofen, a senior Deutsche Telekom security executive. "How many other operators were affected, we don't know," he said, Reuters reported.
According to Germany's Office for Information Security, government networks were also targeted by hackers who launched Sunday's attack on some 900,000 Deutsche Telekom customers, but authorities succeeded in keeping systems online.
Federal Office for Information Security, Bundesamt für Sicherheit in der Informationstechnik said, "The (BSI) considers this outage to be part of a worldwide attack on selected remote management interfaces of DSL routers," the government agency said on its website.