Network Operator and Broadband ISP ICUK Suffers Protracted Attack
Network operator ICUK, which provides wholesale connectivity and broadband solutions to ISPs and businesses, appears to be in the process of trying to fully recover all of its services after suffering an ongoing cyber-attack that has disrupted some of their systems.
According to The Register, ICUK’s VoIP and web services (e.g. Control Panels, API, websites) began being hit by a large Distributed Denial of Service (DDoS) attack on Monday afternoon. Such assaults are sadly quite common in this industry and work by overloading a target server or user with masses of data requests from multiple internet-connected devices (often malware hijacked computers / botnets), causing connectivity and performance problems.
The initial attack against their core network was promptly mitigated by their Cloudflare DDoS protection. As a result, ICUK’s broadband/leased line network is currently functioning as normal. The attackers have since turned their attention to ICUK’s VoIP and Control Panel/Website Infrastructure, which has continued to experience some periodic problems this afternoon, although it came back online just as we were going to press.
Advertisement
Leslie Costar, Owner of ICUK, said: “Communication with our customers has been open, frequent, and transparent throughout this process. The directors and staff at ICUK would like to sincerely thank all customers for their patience, support, and understanding during this challenging time.”
Control Panel and API Access Update – 08/10/2025 16:29
We are aware of continued DDOS attacks against our Control Panel and API which we are working on each one as they come through to mitigate them. Our apologies this has continued to happen.
ICUK are currently in the process of moving some of their hosted services towards Cloudflare protection. The situation comes not long after major UK telecoms provider COLT was hit by a much more serious attack (here).
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
« eSIM.net Launch Free 30 Day Vodafone eSIM Mobile Plan Called AirFree
Advertisement
Leave a Reply
Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message and display names can be almost anything you like (provided they do not contain offensive language or impersonate a real person’s legal name). By clicking to submit a post you agree to storing your entries for comment content, display name, IP and email in our database, for as long as the post remains live.
Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.
I have worked at a few alt-nets. Some of their CRMs do not even have MFA. It’s just basic logins. All it takes is a phishing email to leak a FAT amount of customer data, highly sensitive data- names, emails, numbers, addresses, bank details.
I’ve been with ICUK for a while now, very happy so far since this is the only internet fault I’ve had with them where their infrastructure was the cause or what was unavailable.
I hope in the future that the other providers they support start offering their services to me so I can move off Openreach and BT wholesale.
Not an entirely accurate account.
ICUK had to delete their upstream provider routing. Effectively deleting themselves from the internet. This had a 90 minute hard disruption, along with the issues either side of around 6 hours.
The portal has been fairly unusable for 2 days and VoIP platform has been fairly intermittent.
However, there has been communication and transparency which has bought 2 days of ease, but if it does continue, it will turn to frustration and therefore that’s when people will reconsider their use.
The main reason for icuk is their portal, it wipes the floor of many other providers.
So they did not have scaled protection in place?
I’m pretty sure Russia is testing the West’s IT structure, readying to knock it all out in one go when Ukraine falls and he goes after Poland. He seems hell bent on rebuilding the USSR by reclaiming the countries it once occupied. He wants another world war, and the west has helped Russia become rich through ill advised partnerships and business deals and wholesale online financial theft and extortion, enabling him to finance it. It worries the hell out of me.
Vodafone just been hit, with similar results.