Broadband routers hit by nationwide cyber attack
Thousands of broadband users had their internet access cut this week by a cyber attack targeting certain types of router.
About 100,000 Post Office broadband customers were affected, as were “a small number” of TalkTalk customers and a number of internet users on the KCOM network in Hull.
The attack is reported to have used a modified version of the Mirai worm – malware that targets devices that constantly scan, such as routers, and infects them as its spreads.
Some models of router such as the Zyxel AMG1302, which is used by the Post Office and KCOM, and the D-Link DSL-3780 used by TalkTalk, seem more vulnerable to the malware than others.
The Post Office confirmed that on 27 November “a third party disrupted the services of its broadband customers” but said no personal data or devices had been compromised.
“We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers,” it said in a statement.
“We would like to apologise to any customers who have been experiencing issues with their Post Office broadband service. For those customers who are still having problems we are advising them to reboot their router.
“We constantly review our systems and processes to protect our customers against incidents of this nature. No other Post Office services were affected.”
Crash and disconnect
A TalkTalk spokesperson said: “Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm.
“A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers.”
KCOM said a “significant number” of customers had issues accessing the internet last weekend and identified the cause as a cyber attack that causes certain routers to crash and disconnect from the network.
“The vast majority of our customers are now able to connect to and use their broadband service as usual,” said a spokesperson.
“Our core network was not affected at any time, and we have put in place measures to block future attacks from impacting our customers.”
KCOM said router manufacturer ZyXel has since developed a software update for affected routers, which in most cases will be downloaded to them automatically.
“However, a small percentage of customers with affected routers may need additional support from us to reconnect to the internet and we are in the process of contacting them,” the spokesperson added.
Why do we need your postcode?
Once you enter your postcode, Cable.co.uk will perform a live lookup and check all the available providers in your area.
This ensures you receive accurate information on the availability of providers and packages in your area.
Your information is safe with us. We won't share your postcode with anyone. Guaranteed.