Bookmarking this for later reference, but in short, there’s been a spate of cybersecurity incidents here in Portugal since New Year’s: various media groups (of varying prominence and quality), the Portuguese Parliament, and now telcos.
(And yes, the irony of the linked story being hosted on the fallback Wordpress instance one of those media groups had to set up after being attacked is… quite serendipitous, really.)
But the reason I’m making a note of this (besides it being my former company, my current fiber ISP and a non-trivial escalation from attacking unkempt, legacy platforms in non-technical orgs managed on shoestring budgets to a “proper” cybersecurity-aware organization) is the continuing trend of laissez-faire that has not been changed by the adoption of cloud computing in various forms, and the way security isn’t a priority in many organizations (including, and up to, the Portuguese government).
Other than vague noises from the usual snake oil/utter ineffective government-backed cybersecurity entities, there’s been remarkably little open discussion about security posture, threat modeling, or the need for professional staffing and proactive measures (most likely because what passes for local IT press prioritizes drama and politics over education).
And I don’t expect there will be, things being what they are here.
Update: In the meantime, Mário Vaz, Vodafone Portugal’s CEO, delivered an amazing press conference in which he essentially gave a brilliant object lesson on how to clearly communicate, respond and deal with what is the most serious telecommunications network attack to a national fixed-mobile operator in years. No PR fluff. No teleprompter. No drama. Just unparalleled professionalism, leadership, focus, and unequivocal clarity on all the complex details involved—while always putting customers first.
Update 2: Less than 24h after the attack, Vodafone Portugal already restored most services, which is nothing short of remarkable given they apparently had to rebuild their network core. I experienced only minor disruption to internet and TV (there was obviously some reconfiguration going on in the morning), and 4G mobile service was restored throughout the afternoon.