Cellcom, a regional telecom provider that serves Michigan and Wisconsin has confirmed that a cyberattack was the cause of text and voice service outages that began last week.
Calls between Cellcom customers and some SMS text services have since been restored, and the company confirmed that the incident was concentrated on a network where customer data is not held. As of yesterday, Cellcom could not say when services will be fully restored.
The company’s CEO Brighid Riordan said in a brief video statement, that the company has been dealing with a cyber incident but “simply don’t have a lot of facts.”
Riordan added: “The cyber incident that we’re experiencing is segmented to the voice and texting parts of your service. That’s the good news. We were prepared for this. We’re prepared for these incidents, and we are rolling our protocol through this.”
Cellcom has notified authorities and has teams working around the clock. “What I also want you to know is that we have no evidence that your personal information was impacted,” she stated.
Lawrence Pingree, VP of Dispersive, said: “After reviewing the comments and content that the CEO published, I would make the assumption that the attack may be more DDoS related, there have been quite a bit of remote OT/IoT devices such as compromised routers.”
He says these devices can join and participate in distributed broadband based attacks that use tools like slowloris, DDoS Ripper, CC-Attack and other types of DDsS attack tools. These tools don’t necessarily need to send a lot of traffic on a single-host basis. “For example, if residential proxies are used, a simple query to their text/voice API could disrupt when duplicated across 20,000 breached residential proxies.”
DDoS attacks can be especially difficult to respond to, Pingree adds. “They require specialized services that monitor broad based connectivity, rerouting of traffic, elimination of the load etc. Attackers use every possible method to disrupt, and so even if one method is resolved, another could be used.”
This is why preemptive cyber defense is best, he says. “Instead of being wholly reliant on detection and response strategies, organizations should prioritize preemptive defensive controls.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.