Vodafone Portugal confirmed it has been subject to a cyber-attack which affected both 4G and 5G networks.
The company says the network disruption began on the night of 7 February 2022 as a result of a malicious cyber-attack which was designed to cause damage and disruption.
The incident affects the provision of services based on data networks, the 4G/5G network, fixed voice, television, SMS and voice/digital answering services.
On 8 February, Mário Vaz, CEO of Vodafone Portugal, said in a statement that "our absolute priority is the restoration of our services. Our technical teams have been working non-stop from the moment this attack was found to reset the operation."
The company has already recovered mobile voice services and data available on its 3G network across most of the country.
Vodafone has also begun to restore mobile data services over its 4G network and on 9 February said the provision of mobile date over the 4G networks continues to improve. The company did not say that it was fully restored yet.
The mobile service is being limited regarding maximum speed to ensure better distribution of the network use available to affected customers.
On 9 February the company also said its priority is the stabilization of its network and the recovery of the fixed voice services, which it noted is relevant for all customers but in particular business customers.
Some communication channels with the company’s Customer Support Service have been re-established. However, the company warned of constraints still remain in this service.
Vodafone Portugal supplies more than 4.7 million customers with its mobile network offering.
The company said it remains determined to restore normal services in the shortest possible time and deeply regrets the inconvenience caused to its customers.
Vodafone Portugal and the Group has an experienced team of cyber security professionals who, together with the relevant authorities, are carrying out an in-depth investigation to understand and overcome the situation.
Telecom targets and the arrival of 5G
Deloitte notes that Telecom companies are a “big target” for cyber-attacks because they build, control and operate critical infrastructure that is widely used to communicate and store large amounts of sensitive data.
The large amounts of personal data that telecommunications organizations carry also makes them a highly desirable target for cybercrime.
Meanwhile, over the last few years 5G adoption has accelerated which brings with it its own cyber security challenges.
In May 2021 the Cybersecurity and Infrastructure Security Agency (CISA) in the US published a document on the potential threat vectors to 5G infrastructure.
“To secure the full scope of 5G use cases, it is critical that strong cybersecurity practices are incorporated within the design and development of 5G technology,” the CISA says.