Hacker hijacks Orange Spain RIPE account to cause BGP havoc

January 3, 2024 at 02:46PM

Orange Spain experienced an internet outage due to a hacker breaching its RIPE account and misconfiguring BGP routing and RPKI settings. This allowed the hacker to divert traffic to malicious destinations. The hacker, known as ‘Snow,’ disabled RPKI, causing a performance issue. Orange Spain is restoring services and investigating the breach. Two-factor authentication was not enabled, potentially facilitating the attack.

Key Takeaways:

– Orange Spain experienced an internet outage due to a hacker breaching the company’s RIPE account and misconfiguring the BGP routing and RPKI configuration.
– The hacker modified the AS number associated with the company’s IP addresses and enabled an invalid RPKI configuration, causing a performance issue on Orange Spain’s network.
– This incident led to browsing issues for some of Orange Spain’s customers, and the company has confirmed that the unauthorized access only affected the navigation of some services without compromising client data.
– It is suspected that Orange Spain did not enable two-factor authentication on their RIPE account, which may have contributed to the breach.
– Cloudflare and other relevant parties have been involved in analyzing and addressing the issue, and Orange Spain has begun restoring services.
