UK Homes Lose Internet Access After Cyber-Attack (theguardian.com)

← Back to Stories (view on slashdot.org)

UK Homes Lose Internet Access After Cyber-Attack (theguardian.com)

Posted by msmash on Friday December 2, 2016 @03:20AM from the outage-report dept.

More than 100,000 people in the UK have had their internet access cut after a string of service providers were hit by what is believed to be a coordinated cyber-attack, taking the number affected in Europe up to about a million. From a report on The Guardian, shared by reader JoshTops: TalkTalk, one of Britain's biggest service providers, the Post Office and the Hull-based KCom were all affected by the malware known as the Mirai worm, which is spread via compromised computers. The Post Office said 100,000 customers had experienced problems since the attack began on Sunday and KCom put its figure at about 10,000 customers since Saturday. Earlier this week, Germany's Deutsche Telekom said up to 900,000 of its customers had lost their internet connection as part of the same incident.

33 comments

Min score:

Reason:

Sort:

Oh no by 110010001000 · 2016-12-02 03:22 · Score: 4, Funny

In related news, productivity of workers in the UK was up 455% today.
1. Re:Oh no by caferace · 2016-12-02 03:45 · Score: 1
  
  Unless of course, you're a 'net based company.
2. Re:Oh no by mjwx · 2016-12-02 03:49 · Score: 2
  
  In related news, productivity of workers in the UK was up 455% today.
  Not if you were working from home. BTW, internet is fine here in Surrey, No shortage of cat videos.
  
  --
  Calling someone a "hater" only means you can not rationally rebut their argument.
3. Re:Oh no by Anonymous Coward · 2016-12-02 05:03 · Score: 0
  
  Hilarious. Give it rest you fucking neckbeard.
4. Re:Oh no by s.petry · 2016-12-02 05:40 · Score: 1
  
  Curse or hate the Russians? I'm so confused....
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
5. Re:Oh no by Anonymous Coward · 2016-12-02 07:27 · Score: 0
  
  "Give it [a] rest"
  Ftfy you anon with anger issues
  Sincerely,
  Anon who cares
6. Re:Oh no by antdude · 2016-12-02 16:27 · Score: 1
  
  Not for those who needs the Internet like work from home people!
  
  --
  Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Oh noes!!!! by Anonymous Coward · 2016-12-02 03:29 · Score: 0

This is truly the cyber war!
TRUMP WON by Anonymous Coward · 2016-12-02 03:30 · Score: 0, Troll

Just a reminder, Trump Won, no more fucking muslims.
Smugness by Anonymous Coward · 2016-12-02 03:42 · Score: 0

As a result the smugness of the Internet today dropped by 4000x.
New Normal by DumbSwede · 2016-12-02 03:46 · Score: 2

Get use to the new normal. It may get harder and harder to use the internet as bad actors (whether criminal or State) adopt AI to compromise systems. Of course we will use AI to protect systems, but this is probably an asymmetrical fight. What use are captchas or security questions if a basic enough AI can pose as a human and has enough background information to draw from? I don’t know whether the coming AI proxy wars will speed AI development, or slow it down as the internet grinds to a halt.

--
Letter To Iran
1. Re:New Normal by 110010001000 · 2016-12-02 03:56 · Score: 1
  
  AI? You are funny. We can barely get basic software to work right.
2. Re:New Normal by volodymyrbiryuk · 2016-12-02 04:04 · Score: 1
  
  Routers issued by Telekom are crap, hence easy to attack. The attack wasn't as sophisticated as it sounds. But it is also a lack of consumer awareness of cyber security that leads to a lot of attacks being successful.
  
  --
  sudo rm -r -f --no-preserve-root /
3. Re:New Normal by Anonymous Coward · 2016-12-02 04:06 · Score: 0
  
  Correctness is the only long-term viable defense. Code that can't be exploited won't be exploited, no matter how much AI you throw at it.
4. Re:New Normal by Anonymous Coward · 2016-12-02 04:24 · Score: 0
  
  W in T actual F? AI?
  This attack is the equivalent of bringing a war hammer to a fencing tournament. It's a brute force, brain dead simple attack that relies on crap security practices of the manufacturers of these IoT devices.
  Simple, yet devastating. Why would a state actor deploy a massively complicated program that relies on massively complicated machinery that takes decades to develop - and once revealed to opponents, will likely become obsolete because defences can be developed - when all they need to do is ping their target repeatedly - with the aid of a bunch of devices that everyone knows are easy to compromise - to bring it down?
  And "compromise" here is an insult to any hardcore cracker: most of these devices have a telnet port opened to the world (!), use hardcoded credentials (!!) and the user can't change this (!!!).
  The solution here is also simple: start going after manufacturers. FORCE THEM to clean up the mess: force them to either fix their product or to do a full recall on their product. And slap them with heavy fines and jail time (yes, this issue is that serious) if they don't.
  Then maybe manufacturers will think twice before deploying their crap products.
5. Re:New Normal by Anonymous Coward · 2016-12-02 04:25 · Score: 0
  
  I feel, somehow, that you've missed a lot of what has happened in this century.
6. Re:New Normal by Anonymous Coward · 2016-12-02 04:28 · Score: 0
  
  Don't be silly, we just need to close off all those password overrides. Also, 6 firewalls isn't enough, we need at least 8.
  See, this is just ridiculous:
  https://www.youtube.com/watch?v=msX4oAXpvUE
  If they'd just written it in Visual Basic that would have never happened.
7. Re:New Normal by Zocalo · 2016-12-02 04:30 · Score: 1
  
  What's new about it? This is the same FUBAR cluelessness we should be used by now from large consumer ISPs like TalkTalk (who also run the Post Office ISP network), although I thought KCom knew better - maybe they've lost the cluefullness they had when they first set up and were at the cutting edge of high-speed broadband. The only reason this was a problem for them was because they thought it was a good idea to provide their customers with routers with the remote admin ports active and exposed to the Internet at large. Now, the first part of that (the remote admin) is fair enough; we are talking mass-market consumer ISPs here, so being able to remotely push firmware and other updates out to the CPE is generally a good idea, but just *how* long has it been best current practice to restrict access to admin ports to known and trusted IPs again? Defence in depth stuff like that was the "done thing" back when I was working at an ISP in early 2000s, FFS. It's not hard, and there are multiple implementation options; you can do so in your internal distribution network somewhere, you can do it on the edge, by pushing out some sane rules to the devices internal firewall, or (better still) a combination of more than one of the above, but there's simply no excuse for not doing it at all, especially after the last decade and change of major Internet worms.
  
  --
  UNIX? They're not even circumcised! Savages!
8. Re:New Normal by volodymyrbiryuk · 2016-12-02 04:32 · Score: 1
  
  Agree. And as I said before, in the case of Telekom their router are real garbage. I don't know what model KCom uses though. It's a tradeoff between comfort and security and the ISPs opt for comfort.
  
  --
  sudo rm -r -f --no-preserve-root /
9. Re:New Normal by CaptainDork · 2016-12-02 05:15 · Score: 1
  
  ... consumer awareness ...
  
  That's like saying consumers should be up on current events by intuition, with no need for news sites.
  All this shit is computers. Computers should be hardened against this simple crap.
  The answer is to prevent this from happening in the first place.
  I'd suggest a botnet scanner that gives a heads up about open doors and the presence of malware signatures.
  Manufacturers should force password change, or halt installation.
  I like the equipment that ships with random username/password on the bottom that can't be changed.
  
  --
  It little behooves the best of us to comment on the rest of us.
10. Re:New Normal by Anonymous Coward · 2016-12-02 07:31 · Score: 0
  
  I think you don't read enough security blogs...
11. Re:New Normal by Anonymous Coward · 2016-12-02 23:41 · Score: 0
  
  I like the equipment that ships with random username/password on the bottom that can't be changed.
  Except that always goes wrong because ISPs get greedy and think they can bake backdoors into their routers by using the SSID as a seed for the "random" (in appearance) passphrase so they can remote in.
How do you actually lose net connectivity by Anonymous Coward · 2016-12-02 04:18 · Score: 0

when infected by this malware? Doesn't that counter its whole purpose, to continue spreading? It seems something else is going on here.
1. Re:How do you actually lose net connectivity by Anonymous Coward · 2016-12-02 04:30 · Score: 0
  
  It looks like specific models were meant to be hacked in the sense that some shell command would run and download and install a compromised firmware. The botnet targeted a port (7547) used for remote maintenance. While other router models didn't run the command they were basically DDoSed by the constant flood of requests. So restarting those routers would temporarily fix the problem until it (or some of its services) crashed under the constant load. With new, automatically installed, firmwares and ISP side filtering of port 7547 more and more customers are now able to use the Internet normally again. (the routers look for a new firmware on restart)
It's a cyberattack on the UK ... by the UK. by tlambert · 2016-12-02 04:34 · Score: 2

It's a cyberattack on the UK ... by the UK.
The computers in question were obviously part of the Avalanche Botnet.
https://it.slashdot.org/story/...
TalkTalk by Anonymous Coward · 2016-12-02 04:34 · Score: 0

TalkTalk. Consistently the worst-rated major ISP in the UK. If you're feeling some deja-vu, it might be because of this incident reported in February, when a 17 year old script kiddie totally pwned them, that's how good they are. Yes, they are cheap, but I'm surprised people haven't wised up by now, I wouldn't use them even if their service was free.
1. Re:TalkTalk by coofercat · 2016-12-02 08:16 · Score: 1
  
  Exactly - TalkTalk are right down the bottom of the list. They spend their money on X Factor advertising rather than considering to maybe offer decent service.
  We have a lot of choice of providers here in the UK. The biggest providers are almost always the least good ones, and switching is pretty easy (not quite easy enough, but it's not too hard). TalkTalk doesn't even have 'other offerings' that might get you to stay If you're a BT, Sky or VirginMedia customer you might think twice about switching because it might affect your TV service, but that's not an issue with TalkTalk. There's literally no reason to be their customer if they've pissed you off more than once.
2. Re:TalkTalk by Shimbo · 2016-12-02 11:44 · Score: 1
  
  The trouble is that the biggest providers like TalkTalk keep buying out the smaller providers who suck less. It's a chore to swap, especially if you made the mistake of using your ISP provided e-mail address.
cyber! by Anonymous Coward · 2016-12-02 04:54 · Score: 0

Just grab them by the cyber!
Re:Time for illegals to leave. by Anonymous Coward · 2016-12-02 06:32 · Score: 0

This means all Anglos, Africans and Arabs. This land belongs to the red man.
Go ahead. Try to make them leave.
You'll become a "good injun", Pocahontas.
Hosts files hardcodes protect here... apk by Anonymous Coward · 2016-12-02 09:40 · Score: 0

Yes, even vs. router DNS alterations (via hardcoded favorites) via APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?...
Ads rob speed, security (malvertising) & privacy (tracking).
Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.
Works vs. caps & PUSH ads.
Avg. page = big as Doom http://www.theregister.co.uk/2... & ads = 40% of it.
Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.
Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).
Gets data via 10 security sites.
APK
P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "seen the code & it's safe" http://forum.hosts-file.net/vi... )