Monday, November 28, 2016

Hacker attack on the Telecom: What happened, who’s behind it, what … – daily mirror

no phone, No Internet, no TV For almost a Million customers to the Telekom the line was dead a long time. Reason is supposed to be a targeted attack by hackers, the Router is lame – and to an extent not previously available in Germany as yet. Attacks such as these show how dependent the economy and society are now from the Internet – and how little the security systems are prepared for it.

What happened with Telecom?

Since Sunday afternoon Telekom complained customers about the failure of their connections for telephone, Internet and television. Was disturbed but not the network itself, but the Router used to dial-up and telephony, the Internet and the Online television reception. Around 900,000 Router, the nationwide 20 million customers are affected, according to the Telekom – only those with a Speedport router Telekom, the Taiwanese manufacturer Arcadyan. Users of Fritz Box-models, have reported no problems, told the manufacturer AVM to the daily mirror. That it was the fault of the Router not just a purely technical Problem, but a targeted attack from the outside, was apparently quickly.

How did it come to this fault?

Behind the attack, the so-called botnet Mirai, which has started in the past already multiple hacker attacks is according to the findings of the Telekom. “In the context of the attack was an attempt to make the Router part of the botnet. Although this is a failure, in the attempt of the Takeover, the Router crashed but," said Thomas Tschersich, head of the Department of IT security at Deutsche Telekom, on Monday the daily mirror. A remote maintenance interface had been tried, a malicious software on the devices. The Router in this manipulation would not have crashed attempt, would not or only later have been noted, the attack might be in. There is, however, no evidence that customer data had been tapped, said Tschersich. Further cooperation with the Router manufacturer Arcadyan to be examined.

Also, according to the findings of the Federal office for information security (BSI) is a targeted attack. The failure was the result of a worldwide attack on selected remote management port of the DSL routers, according to the Department. According to the BSI, the attacks in the of the authority to self-protected government network were noticeable, could be averted with effective protection measures.

on Sunday, the Telecom had reported the incident to the Federal Agency. Providers of publicly available telecommunications networks are obliged under the telecommunications act, the impairment “without delay, provided this can lead to significant breaches of security or lead”. The hackers had it apart obviously aimed at the Telecom-Router. Neither Vodafone nor O2 parent Telefónica were affected according to its own information of a fault.

What are botnets?

botnets are a group of automated computer programs. The botnet Mirai is already noticed in the past with such targeted attacks. Distributed Denial of Service (DDoS) attacks are called such deliberate overloading of networks by other systems. They serve, for example, to cause harm to operators of Websites or blackmail. Mirai makes use of more and more everyday objects such as refrigerators, Toaster, Babyfones, or cameras are connected to the network. Shortly before the US election Mirai mass Internet had enabled household appliances, in order to exploit their computing power to bring about the Internet service provider, Dyn a number of popular web services like Twitter, Spotify, and Amazon to a Halt.

Why could not protect the telecoms?

Also, the Telekom-Router should be used according to Tschersich, apparently, for a DDos attack. The security gap has not been the Telekom is known, however, within less than 24 hours with Software Updates has been closed. In order for the Updates to users of the affected Router your device for several minutes from power and then plugging it in again.

How big is the threat posed by hackers for the telecommunications?

“We have established in Germany a number of procedures that should serve to keep the networks safe and stable,” says a spokesman for the Federal network Agency. Nevertheless, “you can’t prevent it that there is such interference”. Norbert Pohlmann, Director of the Institute for Internet security at the westfälische Hochschule in Gelsenkirchen, the attack on the Telekom is just another proof of that, “the fact that we have still a long way no Level on which our telecommunications networks are adequately protected against cyber attacks”. The 2015, which entered into force IT security act could only be a first step. The attack on the Telekom should be understood “as a clear warning shot”.

What networks are involved?

For the interior Ministry is not only one of the telecommunications for the so-called critical infrastructure for the country as a whole, but also electricity, Gas, and drinking water supply and sanitation services. In the case of electricity, Gas and water is on Hand. Phone lines are almost as important, because energy supply, Internet and mobile are growing more and more together. Right here experts see vulnerabilities. The protection of the individual networks was not good enough. In addition, malware could skip the software easily from one System to the other. In the Cyber security strategy of the Ministry of interior is in the Chapter on threats: “cyber attacks on energy supply networks, a wide range of public and private life can bring to a Standstill.”

the traditional power grid, converts Just if to an intelligent network (Smart Grid) with multiple millions over the whole country, distributed Measurement, control and control points, there are just as many potential points of attack. Earlier, the electricity network was sealed off, even the most private solar controlled systems via cellular networks. “There can hack in to anyone,” says telecommunications expert Bernd Telecommunications, IT consultant and lecturer at the Fachhochschule Südwestfalen in Meschede. With a special Software could, for example, extortionists each plant for electricity generation around the world, and then in a targeted attack. Like the beats in the Figures, the Berlin-based competence centre for Critical infrastructures: the proportion of hackers in 2015 at 11.6 percent of all suspicious events, it was 2016 so far, 20.6 percent.

How German authorities assess the risk?

security experts repeatedly refer to the machinations of the Russian groups. The Federal Constitution, warned protection in March, in his “Cyber letter” in front of the hacker squad Sofacy. As the presumed target of the attacks to the Constitution, called the protection of German companies in the energy industry. The intelligence service had information on “preparatory actions” for attacks of the Sofacy. The grouping has been active since 2007 and is increasingly being used against countries of the West. Security circles to speak of a Russian retaliation for the sanctions imposed against the country. In the spring of 2015, the hackers captured a total of 14 Server of the Bundestag and the captured data in a volume of 16 gigabytes.

What do affected customers? Are you compensated?

Affected customers who have a mobile phone contract with Telekom, according to statements, free of charge, 24 hours a valid data plan to unlock, to surf via Smartphone or Tablet. The so-called “Day Flat Pass” can be requested from the corresponding mobile device over the page and the indicated charges would not be charged. Customers without a mobile Telecom contract should go to a Telecom Shop. “You helped,” assured the company. Experts advise to take the Router for several minutes by the network. Maybe the Router will work.


No comments:

Post a Comment