2024-01-04
Orange España Mobile Outage
Spanish mobile carrier Orange España has acknowledged that it experienced an outage earlier this week. The incident was caused by a threat actor accessing Orange’s RIPE Network Coordination Center account using a weak password. RIPE, or Réseaux IP Européens, is “the Regional Internet Registry for Europe, the Middle East, and Central Asia.”
Editor's Note
According to some reports, the RIPE account used by Orange did not use MFA. At this point, it is inexcusable for a critical infrastructure account like this to not be protected by multi factor authentication. Even highly qualified network engineers may succumb to malware.
Johannes Ullrich
This incident highlights the tug between operations management and cybersecurity. From an operations perspective, workflow accounts are often shared and have simple passwords associated with the login. From a security perspective, accountability is important and is reflected in individual accounts with unique passwords. From a risk perspective, better to err on the side of security, especially when it comes to password complexity.
Curtis Dukes
While most popular enterprises offer strong authentication options to their customers and users, for perception of cost and inconvenience, many fail to use this essential measure internally, even, as in this case, for privileged users. Make the implementation of strong authentication a high priority for 2024.
William Hugh Murray
Read more in
Dark Reading: Administrator Account For Middle East Internet Registry Hacked
The Register: Infostealer malware, weak password leaves Orange Spain RIPE for plucking
Bleeping Computer: Hacker hijacks Orange Spain RIPE account to cause BGP havoc
The Record: Major Spanish mobile carrier suffers three-hour outage after account takeover
Ars Technica: A “ridiculously weak“ password causes disaster for Spain’s No. 2 mobile carrier