Our societies are extremely dependent on computer and telecom networks. Their resilience is an increasingly important issue, as the attack on Vodafone in Portugal reminds us.
The restarting of Vodafone’s network infrastructure continues slowly in Portugal, where the operator suffered a major cyberattack. As a result, millions of people, businesses and businesses across the country were deprived of telephone and Internet access. Unfortunately, this deliberate attack had tragic consequences, as some rescue and emergency services, such as fire stations, ambulances and hospitals, were impacted. Less serious but still annoying repercussion, entire networks of connected ATMs, such as those of Multibanco which allow cash withdrawals, were no longer accessible.
Vodafone Portugal, a subsidiary of the British group which has some 4.3 million subscribers to the mobile network and 3.4 million subscribers to the fixed network, indicates that the attack began on Monday February 7 and immediately brought down whole sections of its mobile networks, 4G and 5G, before extending to other services offered to customers (VoIP, IPTV, etc.). “It was a targeted attack on the network, with the aim, surely voluntary and intentional, of leaving our customers without any service. […] The purpose of this attack was clearly to make our network unavailable and make it as difficult as possible for services to return.”comments Mário Vaz, CEO of Vodafone Portugal.
Priority to emergency services
In practice, Vodafone Portugal was able, from Monday, to relaunch its oldest infrastructures. Thus, its 3G network was switched on again, and certain basic services could once again be used. However, by Wednesday, February 9, not all services had yet become functional again. “Unfortunately, the scale and gravity of the criminal act to which we have been subjected require meticulous and prolonged work for all other services”, explains Vodafone Portugal, adding that the work requires the intervention of national, international teams and even external partners. Priority was given from the outset to emergency services.
No ransom demand was made by the cybercriminals, and the attack carried out was not of the type ransomware. Nothing to do with the attacks of the press groups Impresa and Cofina, both recently targeted by attacks of this type, claimed by the Lapsus$ group.