Deutsche Telekom customers in Germany have been targeted by a cyberattack, knocking roughly 900,000 of its 20 million fixed-line customers offline from the internet.
The cyberattacks began Sunday, November 27 after a number of users across Germany complained about disruption of internet and telephone services.
Soon after, the company announced that while the vast majority of its 20 million customers continued to use its services, with a fully operational network, a significant number of customers remained impacted.
The company’s notice read:
[S]ince yesterday afternoon, a significant number of customers have been having problems: around 900,000 customers with specific routers from around 20 million fixed network customers. We are currently investigating exactly which routers are affected.
At the time, the company alluded to the possibility of an external attack without confirming the theory, noting that there was no specific error pattern to point to.
Soon enough, an update to the notice confirmed an ongoing attack targeting Deutsche Telekom and its wider infrastructure, around the world.
“The attack attempted to infect routers with a malware but failed which caused crashes or restrictions for four to five percent of all routers. This led to a restricted use of Deutsche Telekom services for affected customers,” the notice added.
DownDetector revealed that customers’ network services began to go offline around 2 PM (GMT) on Sunday. Users were affected by the downtime throughout the day, across Berlin, Munich and Frankfurt, among other cities.
A Reuters report quoted Deutsche Telekom’s head of IT security Thomas Thchersich telling a regional newspaper that the outages were tied to a failed hacking attempt to hijack customers’ routers as a part of the dreaded Mirai botnet.
“In the framework of the attack, it was attempted to turn the routers into a part of a botnet”, Tschersich said.
Firmware updates for three models of the affected routers were made available by Monday.
Meanwhile, German government sources have also told Reuters that the country’s security officials believe that the outages were the work of hackers.
Image credit: Wikimedia.