Late last year, a group of as-yet-unidentified hackers launched a massive cyber attack on a US telecommunications company, causing hundreds of thousands of internet routers to stop working, US media reported. Reuters.
The report states that analysts from Lumen Technologies’ Black Lotus Labs first discovered the attack and shared their findings. The incident was not immediately made public when it occurred in October. Independent experts were able to confirm that the cyberattack affected more than 600,000 internet routers.
“We assess with high confidence that the malicious firmware update was an intentional act intended to cause an outage.”
Lumen Technologies blog post:Pumpkin EclipseAccording to the post, the attack took place over a period of three days. The infected devices were “permanently rendered inoperable, requiring hardware-based replacements.” The post further read:[p]Public scan data confirmed the sudden and rapid removal of 49% of all modems from the affected ISPs’ Autonomous System Numbers (ASNs) during this period.”
The report, however, did not say which companies were affected, and Lumen Technologies did not attribute the attack to a specific hacker group or country of origin. Researchers argue that the hackers used common techniques to carry out the attack, making it even harder to identify who is behind it.
“We determine with high confidence that the malicious firmware update was an intentional act intended to cause an outage,” Lumen Technologies reported. “This type of destructive attack is extremely concerning, especially in this case.”
Reuters reported that evidence presented in the Lumen Technologies report suggests the victim was Arkansas-based internet service provider Windstream, but the company has not confirmed this and the FBI has declined to comment on the matter.
The researchers claim that the attack could have serious consequences.
“A significant portion of this ISP’s service area covers rural and underserved areas – where residents lose access to emergency services, farmers lose critical information from remote monitoring of crops during harvest, and health care providers are cut off from telemedicine and patient records,” the researchers said.
The report said it was unclear whether the FBI was notified when the hack occurred — private companies are known to keep their information private.
Like Blaze News? Bypass the censorship and sign up for our newsletter to get stories like this directly to your inbox. Register here!
