Cyber Incident Victim: K-net
Date: Aug 2020
Location: France
Summary
A wave of DDoS attacks targeted multiple European ISPs in Belgium, France, and the Netherlands, including French provider K-net, disrupting services through DNS amplification and LDAP-type attacks peaking at 300 Gbit/s. The incidents, each mitigated within a day, impacted DNS infrastructure and coincided with separate reports of DDoS extortion demands involving Bitcoin, though no direct connection was confirmed. A concurrent CenturyLink outage was attributed to a misconfigured Flowspec rule during DDoS mitigation efforts.
Description
In late August 2020, multiple internet service providers across Belgium, France, and the Netherlands experienced distributed denial-of-service (DDoS) attacks targeting their DNS infrastructure. French ISP K-net was among the confirmed targets alongside EDP in Belgium, Bouygues Télécom in France, and Caiway and Delta in the Netherlands. The attacks occurred over approximately one week prior to September 3, 2020, with each incident lasting no more than 24 hours before mitigation. Service disruptions were reported during active attack periods, though specific outage durations for individual providers were not detailed. The Dutch non-profit NBIP characterized the attacks as employing DNS amplification and LDAP attack vectors, with some attacks reaching intensities of 300 gigabits per second.

Mitigation efforts successfully contained all attacks within a day of onset, though the article did not specify the technical countermeasures deployed by individual ISPs. On September 4, 2020, the Dutch National Cyber Security Centre (NCSC) confirmed that extortion demands involving Bitcoin payments were associated with some attacks, though no explicit linkage to K-net's incident was established. The attacks coincided with separate DDoS extortion campaigns against financial institutions reported by ZDNet, though investigators found no definitive connection between these events. A separate CenturyLink network outage during this period was attributed to a misconfigured Flowspec rule intended to mitigate DDoS traffic, illustrating broader infrastructure challenges during the attack wave. No attribution for the attacks against K-net or other European ISPs was confirmed in available reporting.
