One of the biggest phone companies in the world and a major player in the French telecom industry, Orange, had said on Monday that it had been the target of an unidentified hack.
According to the company’s notification, on July 25, it discovered a cyberattack “on one of its information systems” and took steps to “isolate potentially affected services and minimize any impact.”
In addition, Orange said that the decision to isolate the impacted systems disrupted several of its platforms, commercial clients, and certain public sector services, primarily in France, according to a translation of the announcement. According to the notice, “there is no evidence to suggest that any internal or customer data has been exfiltrated,” and the company’s solutions would progressively restore services by Wednesday.
A media news firm had asked Orange about the nature of the cyberattack and whether the firm had the technical capacity to identify any data exfiltration, but Orange did not reply.
Without giving any details, the company stated in the notice that it is in touch with and notifying concerned consumers and that it has lodged a complaint with the “appropriate authorities.” Within three days of a suspected data breach, European businesses covered by the General Data Protection Regulation (GDPR), the bloc’s data protection laws, must notify their local data protection authorities.
The company claims that Orange employs 127,000 people and serves 291 million clients in 26 different countries.
“But for some of our corporate customers and some consumer services, mainly in France, these isolation operations have caused the disruption of some services and management platforms,” the statement continued.
By Wednesday, July 30, today, we expect that the company will make sure that it had already recognized the problems and was developing fixes that, under “heightened vigilance,” would enable a phased restoration of the critical services.
Orange Telecom is well-established across the Middle East, Africa, and Europe. Actually, three out of ten persons in MEA are Orange clients. Over 291 million consumers are served globally, and the hack has undoubtedly alarmed them. However, Orange made the following statement to allay fears: “At this point in the investigation, there is no indication that any Orange or customer data has been taken. We continue to be watchful in this area.
Any additional inquiries to determine the precise nature of the cyberattack were not answered by the telecom giant. “Orange will not comment further for evident security reasons,” it stated.
The cyberattack against Orange is not a singular occurrence. According to a newly released assessment by the Computer Emergency Response Team of France, which is part of the French cybersecurity organization ANSSI, the French telecom sector has been a top target for adversaries over the last two years.
The primary cause of these attacks has been espionage, and according to ANSSI, it has already dealt with serious compromises of information system operators in this industry for this reason. “Groups of attackers believed to be linked to China, particularly in Asia, regularly and significantly target the telecommunications sector as a whole,” the French cybersecurity agency said, referring to the Salt Typhoon’s attacks on the U.S. telecom industry.
Additionally, it disclosed that in one specific case, the nation’s unidentified telecommunications provider’s core mobile network was breached by state-sponsored terrorists. “A thorough understanding of the industry-specific communication protocols and an emphasis on equipment that is unusual or infrequently monitored by security solutions were the primary features of the modus operandi observed during this compromise.”
In another case, the satellite communication infrastructure of an operator was severely hacked for a number of years, giving the attacker elevated rights to carry out sabotage operations. ANSSI helped another telecom provider eliminate a malevolent actor that had been operating in their systems since at least December 2022. Once again focusing on the sector, this attacker attained high-level privileges that allowed for sabotage, espionage, and lateral movement. One of this threat actor’s primary goals was revealed to be the interception of particular conversations.
The majority of the time, the cyberattacks were discovered years after the original compromise, according to ANSSI. It expects this kind of infrastructure to continue to be targeted and called on the telecom industry to increase its level of alertness.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
