How 50% of telco Orange Spain’s traffic got hijacked — a weak password

Kevin Beaumont explains:

So here’s a funny story.

Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack:

Source: DoublePulsar

[…]

So, how did it happen?

The threat actor accessed Orange’s RIPE account. RIPE look after internet IP addresses, basically the phone book of the internet. From their RIPE details, they were able to announce config which broke BGP routing — think the routing between networks which tell the network where to route the calls.

To administrator RIPE, you use a website called access.ripe.net. The threat actor posted themselves logged in to account [email protected]…

Keep reading at DoublePulsar.

Hotel and Casino near Las Vegas Strip suffers data breach, documents say
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
Romanian prisoner hacks prison IT system in plot made for a Netflix movie
Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials

Related: