Major cyberattack launched late last year targeted a telecommunications company in the U.S. heartland, disabling hundreds of thousands of internet routers, according to a report by Lumen Technologies’ Black Lotus Labs.
The attack, which went unreported at the time, occurred in October 2023 and disrupted internet access across several Midwestern states for three days, from October 25th to 27th. Independent experts believe this could be one of the most severe cyberattacks ever against the American telecommunications sector.
Black Lotus Labs did not identify the targeted company or the culprit behind the attack. However, researchers believe the attackers used a malicious firmware update sent to customers that effectively bricked their routers. This tactic permanently disabled the routers’ operational code, rendering them unusable.
The report emphasizes the seriousness of the attack, particularly for rural communities that rely heavily on internet access for emergency services, agricultural monitoring, and healthcare.
While there are limited public details regarding the attack, social media posts from self-identified Windstream customers in October 2023 describe internet outages and difficulties connecting routers. The descriptions align with the timeline and potential consequences outlined in the Black Lotus Labs report.
Neither Windstream, the FBI, nor other government agencies have commented on the reported attack. The incident highlights the potential for significant disruption caused by cyberattacks and the challenges of identifying and holding perpetrators accountable.