Network operator ICUK, which provides wholesale connectivity and broadband solutions to ISPs and businesses, appears to be in the process of trying to fully recover all of its services after suffering an ongoing cyber-attack that has disrupted some of their systems.
According to The Register, ICUK’s VoIP and web services (e.g. Control Panels, API, websites) began being hit by a large Distributed Denial of Service (DDoS) attack on Monday afternoon. Such assaults are sadly quite common in this industry and work by overloading a target server or user with masses of data requests from multiple internet-connected devices (often malware hijacked computers / botnets), causing connectivity and performance problems.
The initial attack against their core network was promptly mitigated by their Cloudflare DDoS protection. As a result, ICUK’s broadband/leased line network is currently functioning as normal. The attackers have since turned their attention to ICUK’s VoIP and Control Panel/Website Infrastructure, which has continued to experience some periodic problems this afternoon, although it came back online just as we were going to press.
Advertisement
Leslie Costar, Owner of ICUK, said: “Communication with our customers has been open, frequent, and transparent throughout this process. The directors and staff at ICUK would like to sincerely thank all customers for their patience, support, and understanding during this challenging time.”
Control Panel and API Access Update – 08/10/2025 16:29
We are aware of continued DDOS attacks against our Control Panel and API which we are working on each one as they come through to mitigate them. Our apologies this has continued to happen.
ICUK are currently in the process of moving some of their hosted services towards Cloudflare protection. The situation comes not long after major UK telecoms provider COLT was hit by a much more serious attack (here).
Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message and display names can be almost anything you like (provided they do not contain offensive language or impersonate a real person’s legal name). By clicking to submit a post you agree to storing your entries for comment content, display name, IP and email in our database, for as long as the post remains live.
Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.