‘Criminal’ cyber-attack on Vodafone affected emergency, other services

The chief executive of Vodafone Portugal said on Tuesday that a cyber-attack carried out on the company was “a criminal act” that was “clearly” aimed at putting the network out of action in a serious manner, “to make [it] as difficult as possible” to use the company’s services.

“[It was] a targeted attack on the network, with the purpose, surely voluntary, intentional to leave our customers without any service,” said Mário Vaz at a news conference at the company’s headquarters in Parque das Nações, Lisbon. “The aim of this attack was clearly to make our network unavailable and with a level of severity to make the level of services as difficult as possible.”

Vaz described the cyber-attack as a “terrorist” and “criminal” act and said that everything that “was undone” is being “redone”, but said it would be “a lengthy job”.

Vodafone Portugal has already succeeded in restoring some services and said that it should be able to have its 4G mobile data services available during the afternoon on Tuesday, but “with a high degree of uncertainty”.

Regarding essential services in Portugal that depend on the Vodafone network, such as ambulance service INEM and some fire brigades, Vaz acknowledged that “there was an effect on normal activity” but that access to 3G voice and data service had already been restored.

“We continue to work very closely with the INEM team,” he added.

Vodafone Portugal confirmed earlier on Tuesday that it had been the target of a cyber-attack on Monday but said that there was no evidence that customer data has been accessed and/or compromised, and that it was determined to restore normal services.

In a statement released on Tuesday, Vodafone lamented the inconvenience caused to customers and said that it had “an experienced team” of cybersecurity professionals on the case who, together with the relevant authorities, are carrying out a thorough investigation “to understand and overcome the situation.”

It said that on Monday it was the target of a “deliberate and malicious cyberattack” aimed at causing damage and disruption.

As soon as the first sign of a network problem was detected, it added, it acted “immediately to identify and contain the effects and restore services” with those affected including data network-based services, namely the 4G/5G network, fixed-line voice services, television, SMS and voice/digital answering services.

“We have already recovered mobile voice services, and mobile data services are available exclusively on the 3G network in almost the entire country but, unfortunately, the dimension and seriousness of the criminal act to which we were subjected implies for all other services a careful and prolonged recovery work involving multiple national and international teams and external partners,” said the company, stressing that the restoration of services would happen progressively throughout the day on Tuesday.

In the note, the company said that the investigation would continue indefinitely and with the involvement of the competent authorities.