TalkTalk internet taken down as company hit by same cyber attack that broke connections across the world

The ‘Mirai’ worm is becoming more and more powerful as a way of breaking the internet

Andrew Griffin
Friday 02 December 2016 10:18 GMT
TalkTalk apologised for the accidental blocking
TalkTalk apologised for the accidental blocking (AFP/Getty)

TalkTalk and other internet providers stopped providing connections to users after they were hit by a huge cyber attack.

The troubled internet provider has said that it – along with the Post Office and other internet providers across Europe – were hit by the Mirai worm and had their connections taken offline.

That worm is becoming increasingly dangerous. It was blamed for a huge internet outage earlier this year, and works by taking over a variety of unsecured internet devices and then pointing them at weak points in the web’s infrastructure.

This time it appears to have targeted a certain kind of router that is used both by the Post Office and TalkTalk, and so left customers of both companies unable to get online.

A spokesman for TalkTalk said in a statement: "Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm.

"A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers."

It follows news from Germany's Deutsche Telekom earlier this week that up to 900,000 of its customer had lost their internet connection as part of the same incident. No-one has yet claimed responsibility for the attack.

Earlier, a spokeswoman for the Post Office said the issue had begun for their customers on Sunday but that no personal data from users was at risk.

"Post Office can confirm that on November 27 a third party disrupted the services of its broadband customers, which impacted certain types of routers," they said in a statement.

"Although this did result in service problems we would like to reassure customers that no personal data or devices have been compromised.

"We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers.

"We would like to apologise to any customers who have been experiencing issues with their Post Office broadband service. For those customers who are still having problems we are advising them to reboot their router."

A similar attack on the US-based Dyn web domain provider in October knocked a host of prominent websites offline, including Spotify, Twitter and Reddit.

Security experts have suggested the aim of the attack may have been to simply cause disruption.

Jonathan Sander, from security firm Lieberman Software, said: "When the modified Mirai attack hit Deutsche Telekom over the weekend, many guessed that the fact that it simply shut down the devices it hit was a mistake by the bad guys trying to steal data.

"Now that Post Office routers are falling victim to the same type of attack shutting them down, it begs the question if the shutdown is the goal.

"Most cyber crime is about money. But every now and then there are bad guys who just want to watch the world burn."

Additional reporting by Press Association

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in