In the aftermath of Orange España’s BGP route hijacking incident, expert Kevin Beaumont has issued urgent warnings of a looming threat of copycat attacks against organizations that rely on RIPE or analogous internet registries.
The call to action is clear: fortify defenses immediately and enable two-factor authentication to mitigate potential risks. The incident unfolded when an attacker gained access to Orange’s administrator account with RIPE, exploiting the absence of two-factor authentication on that account.
The identified attacker, Ms_Snow_OwO, claimed credit for the disruption, revealing the use of Raccoon malware to obtain a valid password. Orange España acted swiftly to resolve the issue, but the broader cybersecurity community remains on high alert. The crux of the matter lies in the prevalence of compromised RIPE credentials in underground markets, as highlighted by cybercrime intelligence firm Hudson Rock.
This trend poses a significant risk of copycat attacks across European organizations and ISPs. Beaumont’s advisory urges organizations to be proactive in implementing robust security controls and two-factor authentication to thwart potential threats. The incident is a stark reminder of the immediate dangers associated with BGP route hijacking, and RIPE is actively investigating the unauthorized access. RIPE recommends that users update their passwords and enable two-step verification.