[German]Telecommunications provider Vodafone Portugal suffered a serious cyberattack on Monday, February 7, 2022. This was likely designed to cause maximum destruction, according to the company, and severely affected Vodafone services such as LTE and 5G mobile, TV cable network, SMS, and voice and voicemail services. Currently, the provider still seems to be struggling with restoring services.
In the night of February 7, 2022, Vodafone was affected by a network disruption due to a cyber attack. The attack affects all services based on the Vodafone data networks. This includes the 4G/5G networks (the 3G UMTS network could be fixed back in operation), fixed-line telephony, TV, SMS and as well as voice and voicemail services.
The Record picked it up in the above tweet, quoting the company as saying from the press release that the outage was a "deliberate and malicious cyberattack intended to cause damage and disruption." Here's an excerpt:
Vodafone was the target of a disruption to its network that began on the night of Feb. 7, 2022, as a result of a deliberate and malicious cyberattack intended to cause damage and disruption.
As soon as the first signs of a network problem were detected, Vodafone took immediate action to identify and contain the impact and restore services. This situation affects the provision of data network services, i.e. 4G/5G networks, fixed telephony, television, SMS and voice and digital answering services.
We have already restored mobile voice services and mobile data services are available exclusively on the 3G network in most of the country, but unfortunately the scale and severity of the criminal act we were exposed to requires a careful and lengthy restoration for all other services, involving multiple national and international teams and external partners.
Vodafone expects the gradual restoration of services during Tuesday (Feb. 8, 2022). Arstechnica writes in this 2/9/2022 article that Vodafone Portugal is still having problems restoring services, however.
Cyber attack or ransomware infection?
Vodafone is cooperating with local authorities regarding the investigation and states that no customer data was stolen (see). However, I am not sure whether the Vodafone statement "deliberate and malicious cyber attack with the aim of causing damage and disruption" really captures the facts. To me, it simply looks like Vodafone's UK subsidiary was hit by ransomware (it's not mentioned anywhere, but the error pattern suggests it).
And because everything was digitized there and presumably savings were made in many places, a lot of things went down the drain. The fact that the 3G networks (UMTS), with old technology, were quickly put back into operation, while the modern 4G/5G networks were disrupted for longer, points in this direction. The damage is likely to run into the millions for Vodafone Portugal and also for its customers. Portuguese media have been the target of cyberattacks several times in recent months.
Cyber attack on German Oiltanking shuts down tank terminal, Dutch Shell also affected
Cyberattack on Oiltanking: Black Cat ransomware group responsibe, also for Colonial Pipeline Hack
Cyberattack on Red Cross, data of 515,000 vulnerable people compromised
Cookies helps to fund this blog: Cookie settings