Weak Password

Simple password exploits routing table, causing widespread outage.


Hijacked Traffic

Hacker reroutes internet, disrupting connections for numerous users.


No Data Breach

Customer data seemingly safe, but security concerns remain high.

city, buildings, sea-7137958.jpg

News > Cyber-Attacks > CA-General
by Kevin Wood

Orange España Suffers Major Outage After Hacker Hijacks Routing Table with “Ridiculously Weak” Password



internet outage

Spain’s second-largest mobile operator, Orange España, experienced a significant internet outage on January 3rd, leaving countless customers disconnected and frustrated. The source? A surprisingly simple one: a “ridiculously weak” password that allowed a hacker to hijack the company’s global routing table, the map that guides internet traffic.

According to cybersecurity researchers, the attacker, operating under the alias “Snow,” gained access through a compromised employee account associated with the RIPE Network Coordination Centre (NCC). This vital organization manages internet addresses and routing information for a large portion of the globe. Using a password reportedly stolen via malware from the employee’s computer months prior, Snow gained unauthorized access to Orange España’s RIPE account.

Once inside, the hacker manipulated the company’s routing table, essentially directing internet traffic down the wrong paths. This caused widespread disruption, with countless users experiencing connection issues, slowdowns, and even complete internet outages. The attack lasted for several hours before Orange España managed to rectify the situation and regain control of their routing table.

Fortunately, no customer data appears to have been compromised in the incident. However, the vulnerability exposed by such a simple security lapse raises serious concerns about the robustness of online infrastructure and the potential consequences of lax password practices.

The episode highlights several key takeaways:

  • The importance of strong passwords: A basic security measure like a complex password could have prevented this entire incident. Organizations must prioritize robust password protocols and employee cyber awareness training.
  • The power of RIPE NCC: The attack underscores the critical role RIPE NCC plays in internet stability and the potential dangers associated with unauthorized access to its systems. Enhanced security measures for these vital organizations are crucial.
  • The evolving threat landscape: Cyberattacks are becoming increasingly sophisticated and targeted. Companies and individuals alike must remain vigilant and constantly adapt their security practices to stay ahead of these evolving threats.

The Orange España outage serves as a cautionary tale, demonstrating the fragility of our online world and the need for constant vigilance against cyber threats. Only by prioritizing robust security measures and fostering a culture of cyber awareness can we build a more resilient and secure internet for everyone.

  • Attacks are like this are on the rise.
  • More organizations are falling victim to cyber attacks every day.
  • When was the last time you reviewed your Disaster Recovery plan?
  • Get the conversation started with BBG today to find out how we can help keep your data secure and make it work for you, not against you.
  • Email us today at info@bbg-mn.com!