Cellcom Experiences Cyber Attack

Cellcom, a wireless service provider based out of Wisconsin, has experienced a cyber attack that has disrupted text and voice services since May 14.

Lawrence Pingree, vice president of Dispersive, a next-generation zero-trust network access solution, said he thinks the attack could have been distributed denial of service (DDoS) related, meaning that the attackers used multiple compromised systems to overwhelm the network and make it unavailable for legitimate Cellcom customers.

“These devices can join and participate in distributed broadband-based attacks that use tools like Slowloris, DDoS-Ripper, CC-Attack and other types of DDoS attack tools,” Pingree said. “These tools don't necessarily need to send a lot of traffic on a single-host basis. For example, if residential proxies are used, a simple query to their text/voice API [application programming interface] could disrupt when duplicated across 20,000 breached residential proxies.”

Pingree said DDoS attacks are difficult to counter because they require several responses, including monitoring broad-based connectivity, rerouting traffic and eliminating the load.

In a letter to Cellcom customers, Brighid Riordan, Cellcom CEO, shared that the cyber incident affected an area of Cellcom’s network that was separate from where the company stores sensitive information.

“We have no evidence that personal information related to you, your name, your addresses, your financial information, is impacted by this event,” Riordan said.

Riordan said in a video that she and her team do not have all the facts, but they are prepared and have been investigating the issue with help from the FBI and state officials.

As of Monday, calls between Cellcom customers and some SMS text services have been restored. While the company is not able to provide a concrete date, the Cellcom team hopes to have full service running again by the end of this week.