Telecommunications operator Orange has been the latest to be hit by a cyber attack, as it confirmed that on Friday, 25th July, it had detected an attack on one of its information systems.
Orange serves around 26 countries and approximately 291 million customers, ranging from enterprises to consumers. Like other telecom operators, it faces the challenge of managing more data, more traffic, its infrastructure, all while facing off threats.
Unfortunately, the attack on Orange is not unique, as it reflects an increasingly fraught threat landscape in which any company, no matter its size, is considered a target by cyber attackers who find ransomware attacks especially lucrative where companies are forced to pay ransoms in order to gain access back to their systems and data. In December 2024, a total of nine telecom operators in the US were compromised by Chinese attackers, among them AT&T, Verizon, Lumen Technologies, and T-Mobile.
Orange did not specify what the nature of the attack was, but stated that it did suffer disruption to management services and platforms for business customers, as well as consumer services predominantly in France.
It followed on by saying that it expected services to be restored by the 30th July, having notified the relevant authorities, and would provide no further comment on the matter.
As the number and nature of attacks has intensified, companies have responded by pouring serious money into their cyber defences. In 2024, a report from financial services company Moody showed that cybersecurity spending for the telecommunications, media and technology sector has doubled in the past five years; a 125% increase from 2019 to 2023. Cybersecurity spending also made up 10% of companies’ budgets in 2023.
The news of the attack recently followed Orange’s announcement that its cybersecurity subsidiary Orange Cyberdefense has acquired a Swiss cybersecurity company, ensec, to reinforce its presence in Switzerland. As a result of the acquisition, it will grow its team with 40 cybersecurity experts from ensec.
AI-driven attacks, such as those leveraging GenAI, have been posited as having the potential to give cyber attackers the tools to launch increasingly more sophisticated attacks such as creating realistic-looking phishing emails or deepfakes to trick employees into clicking on links and unwittingly giving the threat actors access to their systems.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by visiting our LinkedIn page.