Deutsche Telekom: Cyberattack Could Have Taken 900,000 Routers Offline

German telecoms giant Deutsche Telekom has rolled out a software update to customers after nearly a million were either cut off or had issues with their broadband service and has refused to rule out the possibility the problems were caused by a cyberattack.

Customers have reported issues with their service since yesterday afternoon and engineers had been working on a fix which is now available.

The faults have not been localised to a single part of the network and have impacted users across the country. As many as 900,000 of the firm’s 20 million broadband customers were affected, it has been confirmed.

Deutsche Telekom routers

The absence of an error pattern has led to speculation an external actor has caused the fault.

“The vast majority of our customers can use our services without restrictions and our network is fully operational,” said a spokesperson. “However, since yesterday afternoon, a significant number of customers have been having problems: around 900,000 customers with specific routers from around 20 million fixed network customers.

“Based on the error pattern, we cannot exclude the possibility that the routers have been targeted by external parties with the result that they can no longer register on the network.

“Currently a software update is provided to all affected customers to fix the router problem. The software rollout already started and we can see the success of this measure.

“Customers should unplug their router for 30 seconds. Afterwards when reactivating the router the new software will be installed automatically from the servers.”

DDoS Attack?

Experts have suggested cybercriminals looking to stage massive Distributed Denial of Service (DDoS) could be responsible.

“The attack of this kind isn’t something new: this year we had multiple reports about thousands of infected routers used for DDoS botnets,” said Alex Mathews, EMEA technical manager at Positive Technologies.

“We would even suspect that this German story is about ‘a broken botnet’. After all, hackers are not very interested in broken routers, they prefer to take control over working routers, and use them for other attacks. Perhaps, someone tried to build a Mirai-like botnet out of these infected routers in Germany but something went wrong and routers just went off.

“Whether this attack could have been prevented depends on what type of vulnerability was used to infect the routers. For example, Mirai botnet code wasn’t too serious: the malware was looking for gadgets with well-known default passwords (admin: admin, root: password, and so on).

“If people had just changed these default passwords, their routers wouldn’t have been infected. On the other hand, the malware authors can use more serious, unknown vulnerability in routers’ firmware or in communication protocols. In this case, users hardly can do anything to protect themselves.”

Are you a security pro? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

View Comments

  • “If people had just changed these default passwords, their routers wouldn’t have been infected."

    Only a fool would blame the end-user. It's the carrier's responsibility to ship router firmware with unique passwords. Why not just use the router's MAC address as the admin password?

Recent Posts

TikTok ‘Halts E-Commerce Expansion Plans’

TikTok reportedly scraps plans to expand TikTok Shop livestream commerce in Europe and US after…

8 hours ago

European Parliament Passes Landmark Tech Regulations

European Parliament votes to adopt Digital Markets Act and Digital Services Act, but campaigners warn…

9 hours ago

Indian Economic Police Raid Offices Of Smartphone Maker Vivo

Indian economic crime agency Enforcement Directorate raids dozens of locations across India belonging to China's…

10 hours ago

French Music Service Deezer Slumps On Market Debut

Spotify and Apple Music competitor Deezer falls below opening price after long-delayed IPO in Paris…

11 hours ago

Foxconn Expects Stronger Sales In Spite Of Economic Gloom

iPhone manufacturer Foxconn revises full-year expectations upward amidst strong consumer and data centre demand, bucking…

12 hours ago

Samsung ‘To See Profits Jump’ On Data Centre Demand

Industry analysts expect Samsung's profits to jump 15 percent for the second quarter as strong…

13 hours ago