TalkTalk and KCOM are the latest network operators to suffer at the hands of Mirai malware after the two UK telcos confirmed that customer routers had been affected.
TalkTalk said “a small number” of subscribers had lost connectivity on Thursday but that a simple reboot was required to get back online after it rolled out firmware updates.
“Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm,” a TalkTalk spokesperson said.
“A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers.”
KCOM said “a significant number” of customers on its Hull and East Yorkshire network were impacted last weekend.
It said the attack targeted a vulnerability in certain ZyXel-manufactured broadband routers, causing them to crash and disconnect from the network.
“The vast majority of our customers are now able to connect to and use their broadband service as usual,” the company said in a statement.
“Our core network was not affected at any time, and we have put in place measures to block future attacks from impacting our customers.”
Earlier this week, Deutsche Telekom revealed that 900,000 routers had been attacked by Mirai.
The Germany-based operator said hackers had attempted to infect routers with malware and then launch a wider attack on the internet.
The attempt failed, but it still caused connectivity outages.
Mike Ahmadi, Global Director - Critical Systems Security at software vendor Synopsys, said there were two key issues to consider in light of the attacks.
“One is the fact that most product vendors and organisations deploying the products remain unaware of the level of vulnerabilities in their systems.
“The other issue is for those that are aware, strategies to mitigate against large, scalable attacks are either rudimentary or non-existent.”