Last Wednesday, December 5, thousands of Orange customers (and some of Jazztel and Simyo, with which it shares coverage) were unable to access Internet browsing.
The operator reported shortly afterwards that it had suffered a cyber attack, allegedly perpetrated by user X (formerly Twitter) @Ms_Snow_OwO. This especially affected network management, but ensured that “no primary data was stolen”.
On Thursday morning he was already completely correct and revealed the reason on his official X profile: “The Orange account in the IP network coordination center (RIPE) suffered improper access which affected the browsing of some of our customers.”
Some experts reported that the reason for the outage was the theft of some IP addresses, illegally taking control of a certain part of the infrastructure.
In this way the hacker manipulated the BGP routes, used for routing data on the Internet, generating major problems in the navigation service. What drove users crazy was the way he managed to hack Orange: the password was so simple that it took him little time to access his RIPE account, as demonstrated by the perpetrator. The main mistake was having a weak password and not having two-step authentication.
Using complex passwords is increasingly important
Because the password was so weak (ripeadmin), the hacker was able to access Orange’s RIPE account (where most of the IPs in Europe, the Middle East and some areas of Central Asia are managed). This shows the importance of always creating a strong password: mixing numbers, special symbols and capital letters.
In fact, more and more websites force new users to create a password under these conditions to avoid cases like that of the orange operator. You also need to make sure to create two-step authentication (also not activated by Orange), because otherwise the basic firewall will not be created.
Internet safety is essential to avoid negative consequences that can affect hundreds of thousands of people both indirectly and indirectly.
2024-01-05 21:30:00
#hacker #Orange #network #proof #strong #passwords