In Short:
An unknown hacking group launched a cyberattack on a U.S. telecommunications company, disabling over 600,000 internet routers last October. The attack went unnoticed and only recently discovered by security analysts. The hackers installed malicious software causing internet disruptions. The impacted areas included rural and underserved communities where access to emergency services, farming data, and healthcare services was affected. The FBI is investigating the incident, with Windstream possibly being the targeted company.
WASHINGTON: An unidentified hacking group carried out a significant cyberattack on a telecommunications company in the U.S. heartland late last year, resulting in the disabling of hundreds of thousands of internet routers, as per research released on Thursday.
Discovery and Impact
Security analysts at Lumen Technologies’ Black Lotus Labs uncovered the attack in recent months and detailed it in a blog post. The attack, which occurred in October but was not publicly disclosed at the time, took offline over 600,000 internet routers, leading to widespread disruption in numerous Midwest states.
The malicious software installed by the hackers disrupted internet access from Oct. 25 to 27 and continued to circulate online through specific file links left by the attackers.
Details and Findings
The report did not identify the targeted company, and no specific country or group was attributed to the hack. The attack involved the installation of a malicious firmware update that rendered the routers inoperable by deleting elements of their operational code.
According to Lumen’s report, the deliberate act of sending out the malicious firmware update aimed to cause an outage, highlighting the severity of the attack.
Reacting Entities
Windstream, an Arkansas-based internet service provider, was singled out in the Lumen report as the likely target of the cyberattack. However, both Windstream and the FBI declined to provide comments on the matter.
The potential consequences of the attack were deemed serious, particularly impacting rural or underserved communities, emergency services, farming operations, and healthcare providers.
User Reactions and Responses
Some Windstream customers took to social media platforms like Reddit to express their experiences of the outage, with reports of router connectivity issues and the need for new devices due to the disruption caused by the cyberattack.
While it remains uncertain if the FBI was informed about the incident, the tendency of private companies to keep such events undisclosed was noted.
