A1 needed more than six months to kick the hackers off its network. Whsitleblower claims the intruders were Chinese hackers.
A1 Telekom, the largest internet service provider in Austria, has admitted to a security breach this week, following a whistleblower's exposé.
The company admitted to suffering a malware infection in November 2019. A1 said its security team detected the malware a month later, but that removing the infection was more problematic than it initially anticipated.
From December 2019 to May 2020, A1 said its security team had battled with the malware's operators in attempts to remove all of their hidden backdoor components and kick out the intruders.
A1, which didn't disclose the nature of the malware, didn't say if the intruders were financially-focused cybercrime gang or a nation-state hacking group.
The Austrian ISP
told a local blogger -- who was in contact with the whistleblower -- that the malware only infected computers on its office network, but not its entire IT system, which consisted of more than 15,000 workstations, 12,000 servers, and thousands of applications.
... ...