On 8 February, the Portuguese arm of international telecoms giant Vodafone said that most of its customer data services had been forced offline due to a wave of “deliberate cyber-attacks for the purpose of damage and destruction”. The company’s 4G and 5g mobile networks, fixed-line telephony, TV, SMS, and voice/digital response services are still offline.
Vodafone Group PLC is a British multinational telecommunications company headquartered in London, United Kingdom. It currently provides services primarily in Asia, Africa, Europe, and Oceania. In 2018, Vodafone ranked fourth in the number of global mobile subscribers (313 million), and the top three were China Mobile, Bati Telecom, and Vodafone idea (with a 45% share). As of 30 September 2019, Vodafone has 625 million mobile customers, 27 million fixed broadband users, and 22 million TV users in 24 countries (regions) around the world. And has a network of partners in a further 47 countries. Vodafone’s Global Enterprise Division provides telecommunications and IT services to enterprise customers in 150 countries.
In a statement, Vodafone said: ‘We have restored mobile voice services and currently 3G mobile data services are basically available in Portugal. Unfortunately, due to the large scale and severity of the crime, other services have yet to be restored.”
This is the largest network security incident Vodafone Portugal has faced to date. Vodafone has more than 4 million mobile users and 3.4 million residential and business internet users in Portugal. The cyberattack caused a large-scale network disruption.
The company said it was working with government authorities to investigate the incident. Based on the evidence gathered so far, it appears that the customer data was not leaked or accessed by attackers. Despite some rumors on the internet, Vodafone Portugal has not described the incident as a ransomware attack.
The reason for the rumors on the internet is that last month extortion software gangs attacked Impresa and Cofina, the two biggest news media in Portugal. The gang in question goes by the name of Lapsus$ and it is not possible to establish whether the attack on Vodafone Portugal is linked to them.
A Vodafone Portugal employee revealed that he only knew about the technical disruption, but did not hear that the company attributed the incident to a cyber attack. As such, the sudden attack on the night of 7-8 February was not disclosed or reported within the company. Vodafone Portugal is reported to offer fixed and mobile phone services, SMS, internet, and TV products. The company provides fiber services to 3.4 million Portuguese families and businesses and has 4.7 million mobile users. The company said that the service is gradually recovering, but the return to normality will be very slow.
On Tuesday afternoon, the company said it had resumed mobile voice services while national and international team advisors worked to restore other services.
However, according to Bleeping Computer, so far only the 3G network is available to Vodafone users in Portugal (up to 3MB / s), and as explained in the announcement, restoring other services requires a long time and a more cautious approach.
The most valuable asset of an enterprise is information, which is stored in the form of data in the computer and cloud. In order to ensure the continuous operation and success of enterprise business, it is necessary to protect all kinds of data. Human errors, hard disk damage, computer viruses, natural disasters, and so on may cause data loss and immeasurable losses to enterprises. The key problem is how to recover virtual machine or computer data as soon as possible to make it run normally. At present, the most effective and common method is to make an effective backup.
Vinchin is a professional provider of data protection solutions for enterprises. It provides a series of data backup, instant recovery, and offsite DR solutions for private cloud, public cloud and hybrid cloud environments.
Vinchin Backup & Recovery, the next generation VM backup solution self-developed by Vinchin, supports the world’s most mainstream virtual environments including VMware, XenServer/XCP-ng, Hyper-V, RHV/oVirt, OpenStack, Sangfor HCI, Oracle Linux Virtualization Manager and Huawei FusionCompute (Xen Based). It prevents the loss of critical business data due to human misoperation, viruses, attacks, hardware failures, natural disasters, wars, etc. It now supports Chinese, English, German, Czech, etc. languages.