
Orange España Data Breach: Dark Web Flooded With Operator Credentials


Hundreds of network operators’ credentials have been discovered circulating on the dark web following a major cybersecurity breach at Orange España, Spain’s second-largest mobile operator. The breach, which was carried out by an entity known as “Snow,” involved the hijacking of Orange España’s RIPE Network Coordination Centre (NCC) account, resulting in disruptive alterations to its Border Gateway Protocol (BGP) and Resource Public Key Infrastructure (RPKI) configurations.

The incident, which occurred earlier this month, led to a three-hour service outage, raising concerns about the vulnerabilities of telecom carriers and their associated network infrastructures.

Through dark web monitoring, Resecurity uncovered over 1,572 compromised customers of RIPE, the Asia-Pacific Network Information Centre (APNIC), the African Network Information Centre (AFRINIC), and the Latin America and Caribbean Network Information Center (LACNIC), compromised by malware activity involving password stealers such as Redline, Vidar, Lumma, Azorult, and Taurus.

In an advisory published on Monday, the firm highlighted the risks stemming from dark web actors utilizing compromised credentials of ISP/telecom engineers, data-center technicians, network engineers, IT infrastructure managers, and outsourcing companies. These compromised credentials, which are often priced as low as $10, could be exploited by initial access brokers collaborating with ransomware groups or sophisticated cybercriminals to carry out more significant attacks similar to the Orange España incident.

Resecurity provided examples of compromised accounts, including those from a large data center in Africa, a financial organization in Kenya, and a large IT consulting firm in Azerbaijan. The consequences of such compromises extend beyond mere credential theft, potentially leading to unauthorized modifications of network settings, causing disruption to services and security breaches.

Remarkably, most compromised network administrators utilized emails from free providers like Gmail, GMX, and Yahoo, providing valuable information to cyber-espionage groups. Resecurity emphasized the critical need for robust digital identity protection programs to safeguard infrastructure and customers, given the potential for malicious actors to exploit compromised accounts for more sophisticated campaigns.

The company stated that it has notified affected victims, and feedback statistics reveal varying levels of awareness and action among compromised individuals.

The discovery of hundreds of network operators’ credentials circulating on the dark web serves as a clear indicator of the ongoing threat posed by cybercriminals to the telecommunications and network infrastructure industry. The breach at Orange España and the subsequent discovery of compromised credentials underscore the need for heightened cybersecurity measures and vigilance to protect against such malicious activities.

Security experts and industry professionals emphasize the importance of implementing strong authentication processes, regularly updating passwords, and investing in robust cybersecurity solutions to mitigate the risks associated with credential theft and potential network breaches. The vulnerabilities exposed by the breach at Orange España highlight the need for continuous monitoring and proactive measures to identify and address potential weaknesses in network security.

Additionally, the prevalence of compromised credentials from a wide range of network operators underscores the global scope of the threat posed by cybercriminals operating on the dark web. The collaborative efforts of law enforcement agencies, cybersecurity firms, and industry stakeholders are crucial in combatting these threats and preventing future breaches from occurring.

As the telecommunications industry continues to play an indispensable role in global connectivity and communication, protecting the integrity and security of network infrastructure is paramount. The recent breach at Orange España and the subsequent discovery of compromised credentials highlight the urgency of implementing robust cybersecurity measures to safeguard against potential threats and protect the interests of customers and network operators alike.
