Did you notice something strange in early December with your Internet connection? Was it your provider Orange? If you felt that way, we confirm that it wasn’t just your imagination. On December 5th, the Orange network “shut down” and left thousands of customers worldwide without connection. The worst part was the cause: a “ridiculously weak” password.
A hacker managed to access the RIPE account of Orange, which manages which networks distribute Internet traffic in much of the world. It was user @Ms_Snow_Owo who claimed responsibility for the attack through her X profile.
The truth is that the hacker didn’t find much resistance to enter: an excessively weak password was the cause of accessing the RIPE account being much easier than expected. Among the main recommendations we find when configuring a password, we see that it should be long, alternate between uppercase and lowercase letters, not refer to specific names, and include symbols and numbers. The password set by Orange practically did not meet any of these requirements.
And what password did they use? The following: ripeadmin. The security company Hudson Rock stated that the password was obtained through malware that stole information, which had been installed on an Orange computer since last September.
If the weakness of the password was not enough, the attack also showed that two-step authentication (F2A) was not enabled. On the other hand, RIPE conducted an investigation into the incident and restored the Orange account. In view of the events, RIPE advised its users to “update their passwords” and “enable two-step authentication”.