This cyberattack took out 600,000 routers across the country

We’ve been hit with a number of high-profile cyberattacks lately, most notably with a group of hackers allegedly carrying out a Christie’s cyberattack. But now, a recently published research by Lumen Technologies mentioned a cyberattack that happened last year (but was not disclosed until now), which left over 600,000 personal routers inoperable.

The attack was reportedly made possible through a malicious firmware update that erased the router’s operational code, which bricked them. This is an attack that independent experts call one of the most severe cyberattacks ever against America’s telecommunication sector.

The attack happened between October 25 and 27, 2023, and as Reuters mentions, the malicious software was allegedly installed by hackers using specific file links that were left noticeable. Details and event descriptions in the Lumen report pointed to Windstream, an Arkansas-based ISP, as the affected ISP.

Lumen did not say who was behind the attack, and using common methods made it even harder to identify them. But regardless of who it was, the routers could not be fixed, and the only solution was to replace all the affected models.

“A sizable portion of this ISP’s service area covers rural or underserved communities; places where residents may have lost access to emergency services, farming concerns may have lost critical information from remote monitoring of crops during the harvest, and health care providers cut off from telehealth or patients’ records,” the researchers wrote.

The company has not provided information about how it distributed the firmware update to all affected users. Hopefully, investigators will uncover how the attack happened to prevent future occurrences. What makes this incident serious is that, as researchers stated, it prevented health care professionals (among others) from accessing important information, such as patient records.